Sunday, October 12, 2014

HOW TO INSTALL OPENVPN on CENTOS

Hope this will be useful.
====================
1. Log in to your server with PuTTY.
2. You must log in with root access.
---
Make sure TUN/TAP is enabled.
Run this command:
cat /dev/net/tun
The output must be: File descriptor in bad state
---------------------------------
3. Then run the command for your system:
CENTOS 5 32bit
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
CENTOS 5 64bit
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
CENTOS 6 32 bit
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm
CENTOS 6 64bit
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

ALL CENTOS 5
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -K rpmforge-release-0.5.2-2.el5.rf.*.rpm
rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm

ALL CENTOS 6
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt   # ignore if it fails
rpm -K rpmforge-release-0.5.3-1.el6.rf.*.rpm
rpm -i rpmforge-release-0.5.3-1.el6.rf.*.rpm

Then, on either version, install OpenVPN and copy the easy-rsa scripts:
yum install openvpn -y
cp -r /usr/share/doc/openvpn-2.2.2/easy-rsa/ /etc/openvpn/

NOTE FOR CENTOS 6
A small change is needed:
yum -y install nano
nano /etc/openvpn/easy-rsa/2.0/vars

Change this line:

export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`

to:

export KEY_CONFIG=/etc/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf

Then save and exit (Ctrl+X, Y, Enter).


cd /etc/openvpn/easy-rsa/2.0/
chmod +x *
source ./vars
./vars
./clean-all
./build-ca
Press Enter at every prompt EXCEPT Common Name (fill that in as you like).
Then:
./build-key-server server
Watch this step carefully: when the confirmation prompt appears (twice), answer Y (y).
----------------------------------------
./build-dh
Wait until the process is done, then run these commands:


cp -r /etc/openvpn/easy-rsa/2.0/keys/ /etc/openvpn/keys/
cp /etc/openvpn/keys/ca.crt /etc/openvpn/ 


cd /etc/openvpn/

Create the TUN driver config:
cat > server.conf <<END
dev tun*
END

Create the server configuration:


cat > groundworld.conf <<END
port 443
proto tcp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.9.8.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3
END

Enable IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables NAT rule:
iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o venet0 -j SNAT --to xxx.xxx.xxx.xxx

Replace xxx.xxx.xxx.xxx above with your VPS IP address.

Start the VPN on your server:
service openvpn start
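
An added check, not part of the original post: the script below lints a server config for three directives used in groundworld.conf above (1024-bit DH parameters, password-only client authentication, compression) and, going one step beyond the post, for a missing tls-auth/tls-crypt key. The function name audit_openvpn_conf and the sample file are made up for this example, and the DH size is read from the file name on the assumption that easy-rsa 2.0 built it as dh<KEY_SIZE>.pem.

```shell
#!/bin/sh
# Added example: lint an OpenVPN server config for the directives discussed above.
# Prints one finding per line; returns 1 if anything was flagged, 0 if clean.
audit_openvpn_conf() {
    awk '
        /^[ \t]*[#;]/ || NF == 0 { next }      # skip comments and blank lines
        $1 == "dh" {
            # Assumption: easy-rsa 2.0 naming, dh<KEY_SIZE>.pem
            n = $2; sub(/^(.*\/)?dh/, "", n); sub(/\.pem$/, "", n)
            if (n ~ /^[0-9]+$/ && n + 0 < 2048) {
                print "dh: " n "-bit DH parameters, rebuild with KEY_SIZE=2048 or larger"
                found++
            }
        }
        $1 == "client-cert-not-required" {
            print "client-cert-not-required: clients authenticate by password only"
            found++
        }
        $1 == "comp-lzo" {
            print "comp-lzo: compression before encryption can leak plaintext (VORACLE)"
            found++
        }
        $1 == "tls-auth" || $1 == "tls-crypt" { hmac = 1 }
        END {
            if (!hmac) { print "tls-auth: no HMAC key protecting the TLS handshake"; found++ }
            exit (found > 0)
        }
    ' "$1"
}

# Constructed sample: the security-relevant lines of groundworld.conf from this post.
sample_conf=$(mktemp)
cat > "$sample_conf" <<'END'
port 443
proto tcp
dev tun
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
comp-lzo
END

audit_openvpn_conf "$sample_conf" || echo "review the findings above before exposing this server"
```

On a real server, point it at the file written earlier: audit_openvpn_conf /etc/openvpn/groundworld.conf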
