0701測試
作業系統 ubuntu1004_server
1.安裝openvpn
#sudo apt-get install openvpn
2.openvpn_server端設定
#sudo su -
#mkdir /etc/openvpn/easy-rsa
#cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa
#cd /etc/openvpn/easy-rsa/
#sh ./var //可以進一步修改參數如國家,組織單位
#sh ./clean-all
#sh ./build-ca
#sh ./build-key-server server
#sh ./build-key client01
#sh ./build-db
註:以上會產生 /etc/openvpn/easy-rsa/key 資料目錄即產生server,client01金鑰在此目錄
3..修改server.conf (若要debug,直接下命令#openvpn /etc/openvpn/server.conf //可以進行除錯)
openvn_server設定 /etc/openvpn/serve.conf
#######################################################################
local 0.0.0.0
port 1194
proto udp
dev tap
#dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 172.16.0.0 255.255.255.0
#server-bridge 172.16.0.5 255.255.255.0 172.16.0.60 172.16.0.70
#push "redirect-gateway local def1"
#route 192.168.1.0 255.255.255.0
push "route 192.168.123.0"
#push "dhcp-option DNS 172.16.0.10"
#push "dhcp-option DNS 192.168.0.11"
mode server
tls-server
keepalive 10 120
comp-lzo
max-clients 100
persist-key
persist-tun
status openvpn-status.log
verb 3
########################################################################
4.測試server.conf是否有錯
#openvpn /etc/openvpn/server.conf //進行除錯,若有問題,會出現錯誤訊息
若設定正確,啟動service
#/etc/init.d/openvpn start
openvpn_client設定
Windows_XP安裝
1.安裝:http://openvpn.net/release/openvpn-2.1.1-install.exe
2.客戶端設定路徑:C:\Program Files\OpenVPN\config
2.1 openvpn_server產生的金鑰,ca.crt, client01.crt,client01.key 放罝此目錄
2.2設定client.ovpn
client
dev tap
;dev tun
;proto tcp
proto udp
remote sip.voip.mooo.com 1194
resolv-retry infinite
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
ca ca.crt
cert client01.crt
key client01.key
ns-cert-type server
comp-lzo
verb 3
