Results 1 to 8 of 8
Thread: vpn vars file how do we
-
05-29-2011, 11:59 AM #1WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
vpn vars file how do we
openvpn vars file how do we
0]# cat vars
# easy-rsa parameter settings
# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.
# This variable should point to
# the top level of the easy-rsa
# tree.
export EASY_RSA="`pwd`"
#
# This variable should point to
# the requested executables
#
export OPENSSL="openssl"
export PKCS11TOOL="pkcs11-tool"
export GREP="grep"
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR="$EASY_RSA/keys"
# Issue rm -rf warning
echo NOTE: If you run ./clean-all, I will be doing a rm
-rf on $KEY_DIR
# PKCS11 fixes
export PKCS11_MODULE_PATH="dummy"
export PKCS11_PIN="dummy"
# Increase this to 2048 if you
# are paranoid. This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=1024
# In how many days should the root CA key expire?
export CA_EXPIRE=3650
# In how many days should certificates expire?
export KEY_EXPIRE=3650
# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY="US"
export KEY_PROVINCE="CA"
export KEY_CITY="SanFrancisco"
export KEY_ORG="Fort-Funston"
export KEY_EMAIL="me@myhost.mydomain"
██ » Tucky - Get in touch: webcrafttucky@gmail.com
██ » Freelancer-System Administrator
-
05-29-2011, 12:07 PM #2Web Hosting Evangelist
- Join Date
- Jan 2011
- Posts
- 453
Hello,
I hopes the below given information will be helpful to you.
++++++++++++++++++++++++
Make a copy of the easy-rsa directory, to /etc/openvpn/
cp -r /usr/src/openvpn-2.0.9/easy-rsa /etc/openvpn/
cd /etc/openvpn/easy-rsa
chmod 777 *
mkdir /etc/openvpn/keys
>> Edit the file /etc/openvpn/easy-rsa/vars using vi editor
Change the line
export KEY_DIR=$D/keys
to
export KEY_DIR=/etc/openvpn/keys
Also at the bottom of this file you will see something similar to this,
export KEY_COUNTRY=US
export KEY_PROVINCE=CA
export KEY_CITY=SOMEWHERE
export KEY_ORG="My Org"
export KEY_EMAIL=me@mydomain.com
Change this to your own values.
Save and quit
++++++++++++++++++++++++
I hopes you knows to make certificates. If not do post here and I will guide you on that." Your work is to discover your work and then with all your heart to give yourself to it. "
That's the mark of a true professional !
-
05-29-2011, 12:27 PM #3WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
thanks i did the steps u guided me
please give me steps to create the certificates as well██ » Tucky - Get in touch: webcrafttucky@gmail.com
██ » Freelancer-System Administrator
-
05-29-2011, 12:42 PM #4Web Hosting Evangelist
- Join Date
- Jan 2011
- Posts
- 453
Hello,
Here goes the steps to create certificate.
+++++++++++++++++++
To make the certificates, enter these commands
./vars
./clean-all
./build-ca
Creating server certificate
./build-key-server server
Creating Client certificates
./build-key client1
./build-key client2
>> Do this step for as many clients as you need.
./build-dh
+++++++++++++++++++
Good Luck !" Your work is to discover your work and then with all your heart to give yourself to it. "
That's the mark of a true professional !
-
05-29-2011, 09:47 PM #5WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
thanks may i know how server.conf should be configured?
-config-files]# ls
client.conf loopback-client openvpn-shutdown.sh
server.conf tls-home.conf xinetd-
server-config
firewall.sh loopback-server openvpn-startup.sh
static-home.conf tls-office.conf
home.up office.up README██ » Tucky - Get in touch: webcrafttucky@gmail.com
██ » Freelancer-System Administrator
-
05-29-2011, 11:58 PM #6Web Hosting Evangelist
- Join Date
- Jan 2011
- Posts
- 453
Hello,
I thinks you should give a better idea by reading this thread.
http://www.webhostingtalk.com/showthread.php?t=1024872
If you have any other doubts post here." Your work is to discover your work and then with all your heart to give yourself to it. "
That's the mark of a true professional !
-
05-30-2011, 01:13 AM #7WHT Addict
- Join Date
- May 2011
- Location
- Beach
- Posts
- 114
in the server.conf can you help me rectify this error!
Options error: --server directive network/netmask combination is invalid██ » Tucky - Get in touch: webcrafttucky@gmail.com
██ » Freelancer-System Administrator
-
05-30-2011, 07:10 AM #8Web Hosting Master
- Join Date
- Jul 2009
- Posts
- 1,568
What network/netmask combination you used in the Server directive? The default values works well unless you are looking to configure a different subnet for VPN.
| LinuxHostingSupport.net
| Server Setup | Security | Optimization | Troubleshooting | Server Migration
| Monthly and Task basis services.
| MSN : madaboutlinux[at]hotmail.com | Skype : madaboutlinux
Similar Threads
-
Buy VPN - US VPN - Sweden VPN - Gigabit Unmetered VPN Tunnel - From $3.33/mo
By aniport in forum Other Hosting OffersReplies: 0Last Post: 02-24-2011, 03:30 PM -
How can I protect my vpn service from legal action due to bad users illegal file shar
By thegeezer3 in forum Running a Web Hosting BusinessReplies: 15Last Post: 01-06-2010, 01:36 PM -
Cheapest Managed VPS around - $7.50/m - IRC/Adult/VPN/Proxy/Streaming/File Host OK!
By DME-Geoff in forum VPS Hosting OffersReplies: 1Last Post: 03-26-2009, 10:20 PM -
HostKitty: DNS, File Storage, & VPN Hosting
By woods01 in forum Other Web Hosting Related OffersReplies: 0Last Post: 12-28-2008, 03:34 AM