Hi again!
I found some time and already started playing with the OpenVPN... and I got it working! :woohoo
Once you know how it's done, it's not that difficult after all.
It just took me some time to get to know it.
Here is what I did.
To start the OpenVPN server
- I based myself on this topic: http://plugout.net/viewtopic.php?f=4&t=604&hilit=vpn&start=0
- Check existence TUN: TUN was OK
- Check existence config file: Missing, copied content from above site. No changes done.
Code:
dev tun
proto udp
port 2224
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
user nobody
group nobody
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
keepalive 10 120
duplicate-cn
max-clients 10
persist-key
persist-tun
verb 3
client-to-client
- Check keys in /etc/openvpn/easy-rsa/keys. This was a blank folder, so I generated them with the help of readme.txt in /etc/openvpn/easy-rsa. For that, I duplicated the "vars" file just as a precaution. I changed the values of the following keys as described in the readme. Nothing else has been changed.
KEY_COUNTRY
KEY_PROVINCE
KEY_CITY
KEY_ORG
KEY_EMAIL
KEY_EMAIL
- Testing by calling
Code:
openvpn --config /etc/openvpn/openvpn.conf
whichopensslcnf file was missing. I had to create it, based on what I found here: https://forums.openvpn.net/topic10528.html
Code:
#!/bin/sh
# whichopensslcnf: print the openssl.cnf that matches the installed OpenSSL.
# $1 is the easy-rsa directory; $OPENSSL is the openssl binary (set in vars).
cnf="$1/openssl.cnf"

if [ "$OPENSSL" ]; then
    # Pick the version-specific config file.
    if "$OPENSSL" version | grep -E "0\.9\.6" > /dev/null; then
        cnf="$1/openssl-0.9.6.cnf"
    elif "$OPENSSL" version | grep -E "0\.9\.8" > /dev/null; then
        cnf="$1/openssl-0.9.8.cnf"
    elif "$OPENSSL" version | grep -E "1\.0\.[[:digit:]]" > /dev/null; then
        cnf="$1/openssl-1.0.0.cnf"
    else
        cnf="$1/openssl.cnf"
    fi
fi

echo "$cnf"

# Warn on stderr if the chosen file is not readable.
if [ ! -r "$cnf" ]; then
    echo "**************************************************************" >&2
    echo " No $cnf file could be found" >&2
    echo " Further invocations will fail" >&2
    echo "**************************************************************" >&2
fi

exit 0
- Second testing did it! It was starting!!
Port forwarding
Just forwarded port 2224 (UDP) in the router to the IP of the device.
Note: daemon mode (http://openvpn.net/index.php/open-source/documentation/miscellaneous/88-1xhowto.html)
To start OpenVPN in Daemon mode:
Code:
openvpn --daemon --config /etc/openvpn/openvpn.conf
To stop in daemon mode:
Code:
killall -TERM openvpn
Below I'll write what I did to get some clients working.
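
Added example, not part of the original post: a small shell check that flags hardening gaps in a server config like the one above (1024-bit DH file, duplicate-cn, no tls-auth/tls-crypt, client-to-client). The function name, finding codes and the sample file are assumptions made for this example; the DH size is inferred from the easy-rsa file name dh<bits>.pem.

```shell
#!/bin/sh
# Added example (not from the original post): flag hardening gaps in an
# OpenVPN server config. Prints one "CODE: reason" line per finding and
# nothing when no check fires.
audit_openvpn_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf" >&2; return 2; }
    # Keep only active directives (OpenVPN comment lines start with # or ;).
    active=$(grep -Ev '^[[:space:]]*([#;]|$)' "$conf" | sed 's/^[[:space:]]*//')
    has() { printf '%s\n' "$active" | grep -Eq "^$1([[:space:]]|\$)"; }

    # Assumption: easy-rsa 2.x names the DH file dh<bits>.pem, so the size is
    # read from the file name. "openssl dhparam -in FILE -text -noout" shows
    # the real size when the file itself is at hand.
    dh=$(printf '%s\n' "$active" | awk '$1 == "dh" { print $2; exit }')
    bits=$(basename "${dh:-none}" | sed -n 's/^dh\([0-9][0-9]*\)\.pem$/\1/p')
    if [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then
        echo "WEAK_DH: $dh is $bits-bit; generate 2048-bit or larger parameters"
    fi
    if has duplicate-cn; then
        echo "DUPLICATE_CN: one certificate can serve many clients; issue one per client"
    fi
    if ! has tls-auth && ! has tls-crypt; then
        echo "NO_TLS_AUTH: control channel has no HMAC key (tls-auth or tls-crypt)"
    fi
    if has client-to-client; then
        echo "CLIENT_TO_CLIENT: client-to-client traffic bypasses the host firewall"
    fi
    return 0
}

# Constructed sample: the security-relevant lines of the config in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dev tun
proto udp
port 2224
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
duplicate-cn
client-to-client
EOF
audit_openvpn_conf "$sample"
rm -f "$sample"
```

To check a real server, call audit_openvpn_conf /etc/openvpn/openvpn.conf instead of the sample.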