apt-get update
apt-get install openvpn easy-rsa
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
vim /etc/openvpn/server.conf
uncoment:
# dh dh1024.pem
# push "redirect-gateway def1 bypass-dhcp"
# push "dhcp-option DNS 208.67.222.222"
# push "dhcp-option DNS 208.67.220.220"
# user nobody
# group nogroup
echo 1 > /proc/sys/net/ipv4/ip_forward
vim /etc/sysctl.conf
uncoment:
# net.ipv4.ip_forward=1
cp -r /usr/share/easy-rsa/ /etc/openvpn
mkdir /etc/openvpn/easy-rsa/keys
vim /etc/openvpn/easy-rsa/vars
#export KEY_COUNTRY="BG"
#export KEY_PROVINCE="bg"
#export KEY_CITY="Velingrad"
#export KEY_ORG="Home"
#export KEY_EMAIL="[email protected]"
#export KEY_OU="MYOrganizationalUnit"
#export KEY_NAME="server"
openssl dhparam -out /etc/openvpn/dh2048.pem 2048
cd /etc/openvpn/easy-rsa
. ./vars
./clean-all
./build-ca
./build-key-server server
cp /etc/openvpn/easy-rsa/keys/{server.crt,server.key,ca.crt} /etc/openvpn
service openvpn start
./build-key client1
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/easy-rsa/keys/client.ovpn
#Configuration with script
#!/bin/bash
apt-get update &&
apt-get -y upgrade &&
apt-get -y install openvpn easy-rsa &&
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz \
> /etc/openvpn/server.conf &&
cd /etc/openvpn/ &&
sed -i.bak -e 's/dh dh1024.pem/dh dh2048.pem/' -e \
's/;push "redirect-gateway def1 bypass-dhcp"/push "redirect-gateway def1 bypass-dhcp"/' -e \
's/;push "dhcp-option DNS 208.67.222.222"/push "dhcp-option DNS 208.67.222.222"/' -e \
's/;push "dhcp-option DNS 208.67.220.220"/push "dhcp-option DNS 208.67.220.220"/' -e \
's/;user nobody/user-nobody/' -e \
's/;group nogroup/group nogroup/' server.conf &&
echo 1 > /proc/sys/net/ipv4/ip_forward &&
sed -i.bak 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf &&
cp -r /usr/share/easy-rsa/ /etc/openvpn &&
mkdir -p /etc/openvpn/easy-rsa/keys &&
cd /etc/openvpn/easy-rsa &&
sed -i.bak 's/export KEY_NAME="EasyRSA"/export KEY_NAME="server"/' vars &&
openssl dhparam -out /etc/openvpn/dh2048.pem 2048 &&
cd /etc/openvpn/easy-rsa &&
. ./vars &&
./clean-all &&
./build-ca &&
./build-key-server server &&
cp /etc/openvpn/easy-rsa/keys/{server.crt,server.key,ca.crt} /etc/openvpn &&
service openvpn start &&
./build-key client1 &&
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/easy-rsa/keys/client.ovpn
client.ovpn се редактира с името на сървара