Centos6.3 openvpn client Centos does not provide Openvpn by default, and there is no openvpn In the yum source. If you want to use yum for installation, install EPEL first. Www.2cto.com Shell code wget http://apt.sw.be/redhat/el6/en/i386/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.i686.rpm Shell code rpm-Uvh rpmforge-release-0.5.2-2.el6.rf.i686.rpm after installation, yum source has openvpn 1. install. If you do not have the permission, run the sudo Shell code yum-y install openvpn 2. set the
permissions issues (replication mobile OpenVPN line profiles require administrator status), you can also install to other directories.
3, after installation, click on "Start Menu"--"All Programs"--"OpenVPN"-"shortcuts"-"OpenVPN configuration file directory", open the OpenVPN line configuration file storage folder, Place the OpenVPN line configuration file provided by the VPN provider in the directory, as shown below.
Note: Some VPN service lines are more, may be in accordance
/etc/Openvpn/Update-resolv-Conf
The purpose is to update domain name resolution settings based on DHCP-option pushed by the server.
4.1.4 other settings:Key 5: Installing resolvconf
Code:
Sudo apt-Get install resolvconf
The script set in key 4 needs to use this software.
In Windows,4.2.1 copy client. ovpn to the config directory4.2.2 copy the certificate and related private keys to the config directory
CA. CRT
Client
/server. crtKey/etc/openvpn/server. key # This file shocould be kept secretDh/etc/openvpn/dh. pemServer 10.8.0.0 255.255.255.0Ifconfig-pool-persist ipp.txtPush "redirect-gateway def1 bypass-dhcp"Push "dhcp-option DNS 8.8.8.8"Keepalive 10 120Comp-lzoMax-client 100Persist-keyPersist-tunStatus openvpn-status.logVerb 3
Each project will be introduced in a lot. The above modifications are provided by the server. conf provided by openvpn. We only need to remove the comment # And then modify our own c
address range allocated by the openvpn server to the vpn Client. do not conflict with the company's actual IP address range.Verb 5[Root @ openvpn-server 2.0] # echo "1">/proc/sys/net/ipv4/ip_forward # enable ip forwarding to ensure data packets flow between different network segments.[Root @ openvpn-server ~] #/Usr/local/sbin/openvpn -- config/etc/server. conf # Start the vpn and add it to the background for running[Root @ openvpn-server ~] # Netstat-anpt | grep openvpnTcp 0 0 0.0.0.0: 1194 0.
OpenVPN server configuration file description (transfer), openvpn configuration file
This article describes how to configure the configuration file on the OpenVPN server. In Windows, this configuration file is generally called server. ovpn. in Linux/BSD, this configuration file is generally called server. conf. Although the configuration file name is different, the configuration content is the same as the configuration method.
This article is based on
. key # specify the respective. crt and. key # note the path. You can use the relative path starting with the configuration file as the root, # You can also use the absolute path # store it with caution. key file Start openvpn
/Usr/local/openvpn/sbin/openvpn -- daemon -- config/etc/openvpn. conf
Check whether port 1194 is enabled,
Lsof-I: 1194
Ip a has the virtual network card tun0 and the allocated virtual ip address is 10.8.0.1.
4. windows client environment setup:
Install openvpn-2.2.2-inst
forget to save it.Iptables-I INPUT-p tcp -- dport 1194-m comment -- comment "openvpn"-j ACCEPTIptables-t nat-a postrouting-s 10.8.0.0/24-j MASQUERADEService iptables save# Start openvpn and set it to start upon startupService openvpn startChkconfig openvpn on
5. Create a client configuration file
# Copy a client. conf template and name it client. ovpn.Cp/usr/share/doc/openvpn-2.3.2/sample-config-files/client. conf client. ovpn# Edit client. ovpnVim c
Article title: openvpn manages multiple configuration files. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
After the company's network has been adjusted recently, there are three vpn connections that need to be used. according to the default configuration, it seems that only one configuration file under the config directory can be used. in this case, you n
client and install it by default:
Http://vpntech.googlecode.com/files/openvpn-2.1.1-gui-1.0.3-install-cn-64bit.zip
2. decompress the server package file, and copy ca. crt, client1.crt, and client1.key in the package to the client C: \ ProgramFiles \ OpenVPN \ config.
3. create the client. ovpn file under C: \ Program Files \ OpenVPN \ config
The content is as follows:
-----------------------
# Define a client
Client
# Define the use of the routing IP
can use the relative path starting with the configuration file as the root, # You can also use the absolute path # store it with caution. key file Start openvpn
/Usr/local/openvpn/sbin/openvpn -- daemon -- config/etc/openvpn. conf
Check whether port 1194 is enabled,
Lsof-I: 1194
Ip a has the virtual network card tun0 and the allocated virtual ip address is 10.8.0.1.
4. windows client environment setup:
Install openvpn-2.2.2-install.exe
Set/usr/local/src/openvpn-2.2.2/sample-config-files/clie
help to debug connection problems#9 is extremely verboseVerb 3
# Silence repeating messages. At most 20# Sequential messages of the same message# Category will be output to the log.
; Mute 20
6. Configure Firewall packet forwarding
# Sysctl-wnet. ipv4.ip _ forward = 1
# Iptables-t nat-a postrouting-s 10.9.0.0/24-o eth0-j MASQUERADE
7. Run openvpn server # openvpn/etc/openvpn/server. conf
8. Configure the client
A. Copy the generated ca. crt, client. key, and client. crt to the local device.
B
16659/openvpn
II. Windows client installation and configurationInstallation directory: D: \ Program Files (x86) \ OpenVPNDownload the openvpnclient and install it. after installation, download and decompress the userkey.tar.gz package to the OpenVPN config directory.Cat client. confClientDev tunProto udpRemote 192.168.52.199 1194Resolv-retry infiniteNobindPersist-keyPersist-tunCa. crtCert lxsym. crtKey lxsym. keyNs-cert-type serverComp-lzoVerb 3Redirect-gateway def1
Make sure that it correspond
As the application of the GMPLS/ASON technology in intelligent optical networks began to scale, we began to realize that the construction and development of transmission networks not only included the transmission hardware technology, the unified network management and control of the transmission network are also two difficulties for network construction and equipment technology development. GMPLS/ASON Control Plane extends from SDH to WDM and CE, and even implements unified control at multiple
local device.
B. Edit the client. ovpn File
# Define a clientClient# Define the use of the routing IP Mode, consistent with the server; Dev tapDev tun# Define the name of the NIC used in Windows, which is not required in linux; Dev-node# Define the used protocol, which is consistent with the server; Proto tcpProto udp
# Specify the server address and port. You can use multiple lines to specify multiple servers.# Implementing Server Load balancer (fro
-route backup (link backup, node backup) networking structure, resulting in a doubling of network investment by operators. Therefore, the current IP network is extremely light, and the bandwidth utilization of the backbone network link is only 10% ~ 30%. Designing a new cost-optimized IP network transmission structure has become a hot topic in the industry.
Introduce ASON
The intelligent optical network technology is defined as ASON by ITU-T, which introduces dynamic switching and intelligent c
= 1
Sharedsecret = testing123
}
The sharedsecret must be consistent with the sharedsecret in freeradius clients. conf.
5. Modify the OpenVPN configuration file again.
Modify the OpenVPN configuration file and use the username and password to authenticate the client. OpenVPN uses RADIUS Authentication:
5.1 modify the configuration file server. conf.
# Vim/etc/openvpn/server. conf
Client-cert-not-required
Username-as-common-name
Plugin/etc/openvpn/radiusplugin. so/etc/openvpn/radiusplugin
ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 1194 -j ACCEPT -A INPUT -s 10.8.0.0/24 -j ACCEPT -A FORWARD -i tun+ -j ACCEPT#-A INPUT -j REJECT --reject-with icmp-host-prohibited#-A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
Note: The-o em2 in the firewall is the IP address network port of the VPN Server intranet.
The client. ovpn configuration of the client is as follows:
client dev tun proto tcpremote internet 1194 r
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.