Difference between revisions of "OpenVPN"
From Fixme.ch
(→Information) |
(→Command Line) |
||
Line 7: | Line 7: | ||
== Client configuration == | == Client configuration == | ||
=== Command Line === | === Command Line === | ||
− | * | + | * Copy this to ca.crt |
+ | <pre> | ||
+ | -----BEGIN CERTIFICATE----- | ||
+ | MIIDvDCCAyWgAwIBAgIJALowX2zad5mbMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD | ||
+ | VQQGEwJDSDELMAkGA1UECBMCVkQxETAPBgNVBAcTCExhdXNhbm5lMRowGAYDVQQK | ||
+ | ExFGSVhNRSBIQUNLRVJTUEFDRTEMMAoGA1UECxMDVlBOMRUwEwYDVQQDEwxmb28u | ||
+ | Zml4bWUuY2gxDjAMBgNVBCkTBUZJWE1FMRswGQYJKoZIhvcNAQkBFgx2cG5AZml4 | ||
+ | bWUuY2gwHhcNMTIxMjI4MjMzODE4WhcNMjIxMjI2MjMzODE4WjCBmzELMAkGA1UE | ||
+ | BhMCQ0gxCzAJBgNVBAgTAlZEMREwDwYDVQQHEwhMYXVzYW5uZTEaMBgGA1UEChMR | ||
+ | RklYTUUgSEFDS0VSU1BBQ0UxDDAKBgNVBAsTA1ZQTjEVMBMGA1UEAxMMZm9vLmZp | ||
+ | eG1lLmNoMQ4wDAYDVQQpEwVGSVhNRTEbMBkGCSqGSIb3DQEJARYMdnBuQGZpeG1l | ||
+ | LmNoMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpL2ZXBJw9MX7b2iezP+P7 | ||
+ | +hI4XjXx1HCyV1TmM2sXCxenN+BmS9uD+hz/kOtHxakVHsm4QKkqcppNJGscpZis | ||
+ | HopK733rEviVARZxhn4ANEOp9JXeXu8hsy0hC5DEozGceSOzkxnJWUM64e7rhBzQ | ||
+ | CiZN7FDrJN2ok1ifFEojtQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFJV7oFA/wZX1 | ||
+ | Yp6enu/++UkotcrXMIHQBgNVHSMEgcgwgcWAFJV7oFA/wZX1Yp6enu/++UkotcrX | ||
+ | oYGhpIGeMIGbMQswCQYDVQQGEwJDSDELMAkGA1UECBMCVkQxETAPBgNVBAcTCExh | ||
+ | dXNhbm5lMRowGAYDVQQKExFGSVhNRSBIQUNLRVJTUEFDRTEMMAoGA1UECxMDVlBO | ||
+ | MRUwEwYDVQQDEwxmb28uZml4bWUuY2gxDjAMBgNVBCkTBUZJWE1FMRswGQYJKoZI | ||
+ | hvcNAQkBFgx2cG5AZml4bWUuY2iCCQC6MF9s2neZmzAMBgNVHRMEBTADAQH/MA0G | ||
+ | CSqGSIb3DQEBBQUAA4GBAAi2XgH93CxEhff2Q5tk/B2hzu+xtcBLzYjcgq1QqJ63 | ||
+ | ipG9maoav2UrjuWDjb+7WnzSe7JMF8Ay8CqWHgf9Dfqb04PLcIGPe5OPo8jlf4QF | ||
+ | k1uBZs0F+Z2v1yq4EK4KJ/hJxLJIX6xs5UGeK2GaaHKROuQX9N5iIb6BhyA5tlzd | ||
+ | -----END CERTIFICATE----- | ||
+ | </pre> | ||
* Put the following content in a ''foo.cfg'' configuration file | * Put the following content in a ''foo.cfg'' configuration file | ||
− | |||
<pre> | <pre> | ||
client | client | ||
Line 24: | Line 47: | ||
auth-user-pass | auth-user-pass | ||
</pre> | </pre> | ||
− | * | + | * /!\ The certificate ca.crt must be in the same directory as foo.cfg, or change path in foo.cfg /!\ |
+ | * Then connect to the VPN | ||
<pre> | <pre> | ||
$ openvpn foo.cfg | $ openvpn foo.cfg |
Revision as of 17:31, 27 December 2013
Information
- Easy access to the FIXME Network from the outside world
- This is part of the Internal_Server
- You must have a local account on foo and be in the vpnusers unix group
Client configuration
Command Line
- Copy this to ca.crt
-----BEGIN CERTIFICATE----- MIIDvDCCAyWgAwIBAgIJALowX2zad5mbMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD VQQGEwJDSDELMAkGA1UECBMCVkQxETAPBgNVBAcTCExhdXNhbm5lMRowGAYDVQQK ExFGSVhNRSBIQUNLRVJTUEFDRTEMMAoGA1UECxMDVlBOMRUwEwYDVQQDEwxmb28u Zml4bWUuY2gxDjAMBgNVBCkTBUZJWE1FMRswGQYJKoZIhvcNAQkBFgx2cG5AZml4 bWUuY2gwHhcNMTIxMjI4MjMzODE4WhcNMjIxMjI2MjMzODE4WjCBmzELMAkGA1UE BhMCQ0gxCzAJBgNVBAgTAlZEMREwDwYDVQQHEwhMYXVzYW5uZTEaMBgGA1UEChMR RklYTUUgSEFDS0VSU1BBQ0UxDDAKBgNVBAsTA1ZQTjEVMBMGA1UEAxMMZm9vLmZp eG1lLmNoMQ4wDAYDVQQpEwVGSVhNRTEbMBkGCSqGSIb3DQEJARYMdnBuQGZpeG1l LmNoMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpL2ZXBJw9MX7b2iezP+P7 +hI4XjXx1HCyV1TmM2sXCxenN+BmS9uD+hz/kOtHxakVHsm4QKkqcppNJGscpZis HopK733rEviVARZxhn4ANEOp9JXeXu8hsy0hC5DEozGceSOzkxnJWUM64e7rhBzQ CiZN7FDrJN2ok1ifFEojtQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFJV7oFA/wZX1 Yp6enu/++UkotcrXMIHQBgNVHSMEgcgwgcWAFJV7oFA/wZX1Yp6enu/++UkotcrX oYGhpIGeMIGbMQswCQYDVQQGEwJDSDELMAkGA1UECBMCVkQxETAPBgNVBAcTCExh dXNhbm5lMRowGAYDVQQKExFGSVhNRSBIQUNLRVJTUEFDRTEMMAoGA1UECxMDVlBO MRUwEwYDVQQDEwxmb28uZml4bWUuY2gxDjAMBgNVBCkTBUZJWE1FMRswGQYJKoZI hvcNAQkBFgx2cG5AZml4bWUuY2iCCQC6MF9s2neZmzAMBgNVHRMEBTADAQH/MA0G CSqGSIb3DQEBBQUAA4GBAAi2XgH93CxEhff2Q5tk/B2hzu+xtcBLzYjcgq1QqJ63 ipG9maoav2UrjuWDjb+7WnzSe7JMF8Ay8CqWHgf9Dfqb04PLcIGPe5OPo8jlf4QF k1uBZs0F+Z2v1yq4EK4KJ/hJxLJIX6xs5UGeK2GaaHKROuQX9N5iIb6BhyA5tlzd -----END CERTIFICATE-----
- Put the following content in a foo.cfg configuration file
client dev tun proto udp remote foo.fixme.ch 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt comp-lzo verb 4 auth-user-pass
- /!\ The certificate ca.crt must be in the same directory as foo.cfg, or change path in foo.cfg /!\
- Then connect to the VPN
$ openvpn foo.cfg