Thursday, 24 May 2012
 Home arrow Articles arrow linux arrow install and configure openvpn in centos 5.3
   
Main Menu
Home
News
Blog
Links
Search
FAQs
Spider
Articles
@intrenet
Free Softwares
Break for fun
Friends VIdeos
Techno videos
Contact Us
Disclaimer
Guest Book
Speed test
V.E.C. Calculator
IPv4 Subnet Calc
IPv6 Subnet Calc
Byte Converter
Converter
GMT/UTC Time
Bandwidth Calc
Allinone Calc
IANA Port Numbers
Country Call Codes
Pk Postal Codes
Surf Anonumously
Visitors Counter
mod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_counter
mod_vvisit_counterToday216
mod_vvisit_counterYesterday302
mod_vvisit_counterThis week778
mod_vvisit_counterThis month5327
mod_vvisit_counterAll126003
 
 
 
 

install and configure openvpn in centos 5.3 PDF Print E-mail
User Rating: / 0
PoorBest 
Written by Amanatullah khalil   
Friday, 19 June 2009

 install and configure openvpn in centos 5.3

.:: what is ::.
please take a look at this.


.:: install dependency ::.

[root@linux ~ ]# yum install gcc rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel


.:: download openvpn package ::.

[root@linux ~ ]# mkdir download
[root@linux ~ ]# cd download
[root@linux download]# wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
[root@linux download]# wget ftp://fr.rpmfind.net/linux/fedora/releases/10/Everything/i386/os/Packages/lzo-2.03-1.fc10.i386.rpm
[root@linux download]# wget ftp://fr2.rpmfind.net/linux/fedora/releases/10/Everything/i386/os/Packages/lzo-minilzo-2.03-1.fc10.i386.rpm
[root@linux download]# wget ftp://fr.rpmfind.net/linux/fedora/releases/10/Everything/i386/os/Packages/lzo-devel-2.03-1.fc10.i386.rpm


.:: installing packages ::.

[root@linux download]# rpm -Uvh lzo-2.03-1.fc10.i386.rpm
[root@linux download]# rpm -Uvh lzo-minilzo-2.03-1.fc10.i386.rpm
[root@linux download]# rpm -Uvh lzo-devel-2.03-1.fc10.i386.rpm
[root@linux download]# rpmbuild -tb openvpn-2.0.9.tar.gz
[root@linux download]# rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm


.:: configuration openvpn [server] ::.

[root@linux ~]# cd /usr/lib
[root@linux lib]# ln -s liblzo2.so.2.0.0 liblzo.so.1
[root@linux lib]# cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
[root@linux lib]# cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/
[root@linux ~]# cd /etc/openvpn/easy-rsa/
[root@linux easy-rsa]# vi vars
---[edit on this line]-----------------

# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY=ID
export KEY_PROVINCE=YK
export KEY_CITY=YOGYAKARTA
export KEY_ORG="BLACKONSOLE"
export KEY_EMAIL=" This e-mail address is being protected from spam bots, you need JavaScript enabled to view it "

----------------------

[root@linux easy-rsa]# . ./vars
( after the first point given distance and then space ./vars )
[root@linux easy-rsa]# ./clean-all
[root@linux easy-rsa]# ./build-ca
------------------------

Generating a 1024 bit RSA private key
......++++++
.....................................++++++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []: IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ This e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

-----------------------------------

[root@linux easy-rsa]# ./build-key-server myserver
------------------------------

Generating a 1024 bit RSA private key
 .............................++++++
.........................++++++
writing new private key to 'myserver.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ This e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mysecret
An optional company name []:blackonsole
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows country
Name :PRINTABLE:'ID'
stateOrProvinceName :PRINTABLE:'YK'
localityName :PRINTABLE:'YOGYAKARTA'
organizationName :PRINTABLE:'BLACKONSOLE'
organizationalUnitName:PRINTABLE:'IT'
commonName :PRINTABLE:'blackonsole.org'
emailAddress :IA5STRING:' This e-mail address is being protected from spam bots, you need JavaScript enabled to view it '
Certificate is to be certified until May 22 03:40:25 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

---------------------------------------

[root@linux easy-rsa]# ./build-dh
------------------------------

Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time

-------------------------------

[root@linux easy-rsa]# ./build-key admin
---------------

Generating a 1024 bit RSA private key
.....................++++++
...............................++++++
writing new private key to 'admin.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ This e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mysecret
An optional company name []:blackonsole
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'ID'
stateOrProvinceName :PRINTABLE:'YK'
localityName :PRINTABLE:'YOGYAKARTA'
organizationName :PRINTABLE:'BLACKONSOLE'
organizationalUnitName:PRINTABLE:'IT'
commonName :PRINTABLE:'blackonsole.org'
emailAddress :IA5STRING:' This e-mail address is being protected from spam bots, you need JavaScript enabled to view it '
Certificate is to be certified until May 22 10:49:55 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

----------------------

[root@linux easy-rsa]# ./build-key-pass userx
----------------------------------

Generating a 1024 bit RSA private key
........++++++
.++++++
writing new private key to 'userx.key'
Enter PEM pass phrase: <enter_your_password>
Verifying - Enter PEM pass phrase: <enter_your_password>
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ This e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mysecret
An optional company name []:blackonsole
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'ID'
stateOrProvinceName :PRINTABLE:'YK'
localityName :PRINTABLE:'YOGYAKARTA'
organizationName :PRINTABLE:'BLACKONSOLE'
organizationalUnitName:PRINTABLE:'IT'
commonName :PRINTABLE:'blackonsole.org'
emailAddress :IA5STRING:' This e-mail address is being protected from spam bots, you need JavaScript enabled to view it '
Certificate is to be certified until May 22 10:51:17 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

--------------

[root@linux easy-rsa]# cp keys/ca.crt ../
[root@linux easy-rsa]# cp keys/dh1024.pem ../
[root@linux easy-rsa]# cp keys/myserver.key ../
[root@linux easy-rsa]# cp keys/myserver.crt ../
[root@linux easy-rsa]# cd /etc/openvpn/
[root@linux openvpn]# vi server.conf
---------[and configure on this options like:]--------

local 10.100.100.34
dev tap
; dev tun
ca ca.crt
cert myserver.crt
key myserver.key # This file should be kept secret
client-to-client
; comp-lzo
max-clients 100
user nobody
group nobody

---------------------------------
change local option with your openvpn server ip.

[root@linux lib]# /etc/init.d/openvpn start


.:: configure and access openvpn [client windows] ::.

. install openvpn client
http://openvpn.net/release/openvpn-2.1_rc9-install.exe

. goto config folder
C:\Program Files\OpenVPN\config

. make keys folder on the config folder
C:\Program Files\OpenVPN\config\keys

. copy ca.crt, userx.crt, and userx.key to C:\Program Files\OpenVPN\config\keys

. make client.ovpn file on C:\Program Files\OpenVPN\config folder.
-----------[contents of client.ovpn file like this]--------------

client
dev tap
proto udp
remote 10.100.100.34 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca keys/ca.crt
cert keys/userx.crt
key keys/userx.key
verb 3

----------------------------
on remote options change i.p with your openvpn server ip.
you can make client.ovpn with notepad, save as the file with File name : client.ovpn and Save as type : All files and then Save.

. make sure Windows Firewall is off.

. run openvpn gui (start - all programs - openvpn - openvpn gui)


. on system tray, right click the openvpn icon and then click connect



.:: links ::.
. http://www.google.com/linux
. http://www.throx.net/2008/04/13/openvpn-and-centos-5-installation-and-configuration-guide/
. http://opensource.telkomspeedy.com/wiki/index.php/Instalasi_OpenVPN
. http://opensource.telkomspeedy.com/wiki/index.php/Instalasi_OpenVPN_di_Windows

Thanks to Author, source http://blackonsole.blogspot.com/2009/05/install-openvpn-in-centos-53.html
 
< Prev   Next >
[ Back ]
 
 
 
csatpk Newsflash
Paper-thin batteries made from algae
Thursday, 26 November 2009
  Click for details...

Buffalo ships first USB 3.0 hard drive
Thursday, 26 November 2009
  Click for details...

Cisco's amazing $3B buy of videoconf. vendor Tandberg
Friday, 02 October 2009
  Click for details...

Large online payroll service hacked
Friday, 02 October 2009
  Click for details...

--= NFSP =--

Virtualization: Tips for avoiding server overload
Friday, 02 October 2009
  Click for details...

Statistics
OS: Linux h
PHP: 5.2.17
MySQL: 5.1.63-community-log
Time: 04:14
Caching: Disabled
GZIP: Disabled
Members: 3
News: 368
Web Links: 5
Visitors: 266671
Popular