CentOS Tutorial Install OpenVPN

SUBMITTED BY: nywato

DATE: Jan. 21, 2016, 2:52 a.m.

FORMAT: Text only

SIZE: 3.3 kB

Raw Download

HITS: 18708

Report
  1. CentOS | Tutorial Install OpenVPN
  3. 1. Install paket
  4. # yum -y install openvpn
  6. 2. Copy perlengkapan create certification
  7. # cp -R /usr/share/doc/openvpn-2.2.2/easy-rsa/2.0/ /etc/openvpn/
  9. 3. Pindah folder
  10. #cd /etc/openvpn/2.0
  12. 4. Kasih hak eksekusi
  13. # chmod +x build-ca build-dh build-key-server clean-all pkitool vars whichopensslcnf
  15. 5. Download vars
  16. # curl -s http://script.jualssh.com/vars >> vars
  18. 6. Configure
  19. # source ./vars;
  21. 7. Bikin cert
  22. # ./clean-all;
  23. # ./build-ca;
  24. # ./build-dh;
  25. # ./build-key-server server
  27. 8. Bikin folder
  28. # mkdir /etc/openvpn/keys/
  30. 9. Copy key
  31. # cp /etc/openvpn/2.0/keys/* /etc/openvpn/keys/
  33. 10. Pindah folder
  34. # cd /etc/openvpn
  36. 11. Hapus Folder
  37. # rm -Rf 2.0
  39. 12. Download config server
  40. # curl -s http://script.jualssh.com/995.conf > 995.conf
  42. 13. Edit config
  43. # sed -i 's/usr\/lib\/openvpn\/openvpn-auth-pam.so/usr\/share\/openvpn\/plugin\/lib\/openvpn-auth-pam.so/g' 995.conf
  45. 14. Restart config
  46. # service openvpn restart
  48. 15. Autostart service openvpn
  49. # chkconfig openvpn on
  51. 16. Atur kernel variable
  52. # sysctl -w net.ipv4.ip_forward=1
  53. # sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
  55. 17. Pengaturan iptables
  56. # iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
  57. # iptables -A FORWARD -s 192.168.100.0/255.255.255.0 -j ACCEPT
  58. # iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
  59. # iptables -A POSTROUTING -o venet0 -j SNAT --to-source [ip-server]
  61. nb:
  62. tempatkan iptables di atas pada file /etc/rc.local
  63. pastikan ubah ip server anda
  65. 18. Config Client
  66. # auth-user-pass pass.txt
  67. # client
  68. # dev tap
  69. # proto tcp
  71. # remote [ip server] 995
  72. # connect-retry 5
  74. # nobind
  75. # ping 5
  76. # ping-restart 120
  77. # persist-key
  78. # persist-tun
  79. # persist-remote-ip
  80. # mute-replay-warnings
  81. # verb 3
  83. # cipher none
  85. # <ca>
  86. -----BEGIN CERTIFICATE-----
  87. MIIDsjCCAxugAwIBAgIJAPlobRc/OzFuMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD
  88. VQQGEwJJRDERMA8GA1UECBMIV2VzdEphdmExDjAMBgNVBAcTBUJvZ29yMRAwDgYD
  89. VQQKEwdKdWFsVlBOMRAwDgYDVQQLEwdKdWFsVlBOMRAwDgYDVQQDEwdKdWFsVlBO
  90. MRAwDgYDVQQpEwdKdWFsVlBOMR4wHAYJKoZIhvcNAQkBFg9tYWlsQGp1YWx2cG4u
  91. dGswHhcNMTMwNzA3MTE1MzA5WhcNMjMwNzA1MTE1MzA5WjCBmDELMAkGA1UEBhMC
  92. SUQxETAPBgNVBAgTCFdlc3RKYXZhMQ4wDAYDVQQHEwVCb2dvcjEQMA4GA1UEChMH
  93. SnVhbFZQTjEQMA4GA1UECxMHSnVhbFZQTjEQMA4GA1UEAxMHSnVhbFZQTjEQMA4G
  94. A1UEKRMHSnVhbFZQTjEeMBwGCSqGSIb3DQEJARYPbWFpbEBqdWFsdnBuLnRrMIGf
  95. MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiNvJPRy49ynjh1sQaPf6mwD9xSlA1
  96. 8VS2wHTD6GLElSMnUpcd3PnFAPMqCtYjwnXCj5ulK9jqZrP6LZ1M/iyE0V9W/NYN
  97. MXrTmjtih9P3OLrw/J98x1wdxEvifqP46iIrxgqbEAwjMuFF/AlCBoWbmkEYUDHp
  98. JT6sarIX9rCzrwIDAQABo4IBADCB/TAdBgNVHQ4EFgQUQjWBlyz/Yexxgzx79Giq
  99. r6BY3dEwgc0GA1UdIwSBxTCBwoAUQjWBlyz/Yexxgzx79Giqr6BY3dGhgZ6kgZsw
  100. gZgxCzAJBgNVBAYTAklEMREwDwYDVQQIEwhXZXN0SmF2YTEOMAwGA1UEBxMFQm9n
  101. b3IxEDAOBgNVBAoTB0p1YWxWUE4xEDAOBgNVBAsTB0p1YWxWUE4xEDAOBgNVBAMT
  102. B0p1YWxWUE4xEDAOBgNVBCkTB0p1YWxWUE4xHjAcBgkqhkiG9w0BCQEWD21haWxA
  103. anVhbHZwarieonlinelobRc/OzFuMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
  104. BQADgYEAc1UC5cxdfP+m4DTmeeLkangarieT2WFmM3SP34RU3QfrtG61g+7MDUy1
  105. 5NQQlmZHsBrqfPdojhMTO3OTkJ6KtiKv0czzCD8ZVMYqv2ongDFtqVyONZAYvpvM
  106. 0shlLx4SpEq6OxexyoVxf5j7yHnKY79tsvK/GVQfk1tJJDhhcrs=
  107. -----END CERTIFICATE-----
  108. </ca>
  109. nb: sesuaikan dengan ca.crt di server
comments powered by Disqus