日志标签:openvpn

Linux下OPENVPN安装配置

分类:VPN评论:27条作者:雨尚日期:2011-04-19

Linuxopenvpn安装配置

1.Server 端的环境

redhat, kernel版本: 2.4.20-31.9, 外网IP 为192.168.0.229,内网IP为10.255.255.1
kernel 需要支持 tun 设备, 需要加载 iptables 模块.
检查 tun 是否安装:

[root@TEST1 openvpn]# modinfo tun
filename:       /lib/modules/2.6.18-164.el5/kernel/drivers/net/tun.ko
alias:          char-major-10-200
license:        GPL
author:         (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
description:    Universal TUN/TAP device driver
srcversion:     9DE80B8421E85BE6D3B9E06
depends:       
vermagic:       2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
module_sig:     883f3504a9f782a581431131ff6a52711218ff0a0cb17a7f7462a56b587d3919a824faa39d2d786e0a0ee3f10e7a4b9f03efc5c87b418191eea5a66171

---------------------------------------------------------------------------------------------------------------------------------------------------
2.OpenSSL。如果需要启用 SSL 连接,则需要先安装 OpenSSL。

yum install openssl
yum install openssl-devel

---------------------------------------------------------------------------------------------------------------------------------------------------
3.安装 LZO

tar zxvf lzo-2.02.tar.gz
cd /lzo-2.02
./configure
make
make check
make install

---------------------------------------------------------------------------------------------------------------------------------------------------
4.安装 openvpn

tar zxvf openvpn-2.0.5.tar.gz
cd /openvpn-2.0.5
./configure --with-lzo-headers=/usr/local/include --with-lzo-lib=/usr/local/lib --with-ssl-headers=/usr/local/include/openssl --with-ssl-lib=/usr/local/lib
make && make install

---------------------------------------------------------------------------------------------------------------------------------------------------
5.生成证书Key

初始化 PKI

cd /openvpn-2.0.5/easy-rsa
export D=`pwd`
export KEY_CONFIG=$D/openssl.cnf
export KEY_DIR=$D/keys
export KEY_SIZE=1024
export KEY_COUNTRY=CN
export KEY_PROVINCE=BJ
export KEY_CITY=BJ
export KEY_ORG="linuxsee.com"
export KEY_EMAIL="dongjie.yang@linuxsee.com"

Build-ca

 继续阅读...
Tags: ,