DEBIAN6 System Configuration OpenVPN Server Tutorial

Source: Internet
Author: User
Tags vars ssh openvpn host


You need to turn on SSH to connect your cloud server as root or user using sudo to access SSH connections. This guide assumes that users use sudo access. But you can take things using roots only by stripping "sudo" from the start of each command. If you are running Linux or Mac on your system, you can use the SSH terminal program. If you are using Windows, you can use putty to login to SSH. Once the terminal is open, assuming you are using the LINUX/MAC system, you can login to enter the following command:

SSH username@ipaddress

Enter the password you want, you can start setting up OpenVPN.

Install OpenVPN and generate the necessary files

Before starting the installation OpenVPN and its prerequisites, we should make sure all the packages in our system are up to date. We can use the following command:

sudo apt-get update

This should be appropriate for the Debian Package Manager. Download all the update packages.

sudo apt-get upgrade

After our system downloads all the updates, we can finally install OpenVPN.

sudo apt-get install OpenVPN udev

Once the installation is complete, you can start configuring OpenVPN. First, you should encrypt all the files in their default directory directory should be in the cloud server to read them.

sudo cp-r/usr/share/doc/openvpn/examples/easy-rsa/etc/openvpn

Now that you've done that, you can start generating RSA algorithm files for your VPN. You will be asked to provide various when you produce these key values. You can set these regardless of what you want, but remember that they will be included in the generated certificate.

cd/etc/openvpn/easy-rsa/2.0/

Then generate the RSA file:

sudo./vars
sudo./clean-all
sudo./build-ca

After the certificate is generated, you can have the server private key. To do this, type the following command, and then change the name server you want to OpenVPN the server. This script will also ask you for information.

Sudo. /etc/openvpn/easy-rsa/2.0/build-key-server Server

Generate Diffie Herman key exchange parameters.

Sudo. /etc/openvpn/easy-rsa/2.0/build-dh

A OpenVPN host is now being generated for each client to generate the key. You should do this step for each client installation will be hosted to ensure that each customer's key identifier is unique.

Sudo. /etc/openvpn/easy-rsa/2.0/build-key Client

Move the file server certificate and key to the/etc/openvpn directory. Replace the server. CRT and server. The file name that is used primarily.

sudo cp/etc/openvpn/easy-rsa/2.0/keys/ca.crt/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/ca.key/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/server.crt/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/server.key/etc/openvpn

If you need to remove someone else's access VPN, send only the following two commands. Replace "Client" with the name of the customer is deleted.

Sudo. /etc/openvpn/easy-rsa/2.0/vars
Sudo. /etc/openvpn/easy-rsa/2.0/revoke-full client1

Configure OpenVPN

Now that you have generated a profile for us, you can configure your OpenVPN server and client. Retrieve the file and execute the following command:

sudo gunzip-d/usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz
sudo cp/usr/share/doc/openvpn/examples/sample-config-files/server.conf/etc/openvpn
sudo cp/usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/
Cd

You should modify the client configuration file to match what you want it to do. You can also modify some of the values in the following file to match what you want. To do this, first change the "remote" option, which can connect to your cloud server's IP address on which port to configure your OpenVPN to run on. Then change the "certificate" and "key" values to reflect the name of your certificate and key. After editing these values, you can save the file, type Ctrl + X, "Y" type, and then enter.
Now client Profile copy, along with client key and certificate located on/etc/openvpn/easy-rsa/2.0/key to local client machine.

Nano ~/client.conf

After you do this, you only need to make some changes to the server configuration file before we finish. Changing the file's "certificate" and "critical" options point to the following file to match the certificate and key used by your server.

sudo nano/etc/openvpn/server.conf

After this step, you're ready! Just reboot OpenVPN and you have a job OpenVPN install Debian 6!

Sudo/etc/init.d/openvpn restart

To this end, the installation is complete.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.