Skip to main content

:: install openvpn on linux centos ::

:: what is
please take a look at this.

:: note
this trick configuring openvpn to use auth-pam plugins (username and password on account system)



:: add openvpn repository
[root@tox ~]# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm

:: install openvpn with lzo 
[root@tox ~]# yum install openvpn lzo-devel zlib zlib-devel openssl-devel

:: configure openvpn
+ make certiticate openvpn on server 
[root@tox ~]# cd /usr/share/openvpn/easy-rsa/2.0/
[root@tox 2.0]# . ./vars 
[root@tox 2.0]# ./clean-all 
[root@tox 2.0]# ./build-ca 
[root@tox 2.0]# ./build-key-server servername
[root@tox 2.0]# ./build-dh 
[root@tox 2.0]# cp ca.crt dh1024.pem servername.key servername.crt /etc/openvpn/

+ configure openvpn.conf
[root@tox ~]# cp /usr/share/doc/openvpn-2.1/sample-config-files/server.conf /etc/openvpn/
[root@tox ~]# vi /etc/openvpn/server.conf 
# 
# change configure some like this:
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/servername.crt
key /etc/openvpn/servername.key  
dh /etc/openvpn/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

# make direct gateway and use google dns public server
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
comp-lzo
max-clients 100
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
mute 20

# enable openvpn to used account system
plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
note: for /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so absolute path on your system maybe deferent, you can find with this command:
[root@tox ~]# find / -name "openvpn-auth-pam.so"

:: starting openvpnd
[root@tox ~]# /etc/init.d/openvpn start

:: testing on windows client
+ download and install openvpn-client-for-windows.
+ copy your ca.crt from server to client and save to C:\Program Files\OpenVPN\config
+ make client.ovpn file configuration for connecting to server, some like this:
client
dev tun
proto udp
remote _ip_server_ 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
verb 3
comp-lzo
you can make client.ovpn with notepad, save as the file on C:\Program Files\OpenVPN\config with File name : client.ovpn and Save as type : All files then click Save.
+ make sure your windows firewall is off.
+ running your openvpn-client and login with username/password on your server.

:: link
+ googlelinux
+ blackonsole
Labels:

Comments

Post a Comment

Popular posts from this blog

Simple Step Installing WordPress in Ubuntu 24.04

Using ols1clk.sh Script This step will: Install OpenLiteSpeed Install PHP Secure your server Install MySQL Set up WordPress Run the script: bash <( curl -k https://raw.githubusercontent.com/litespeedtech/ols1clk/master/ols1clk.sh ) -w  Configuring WordPress Open your browser and navigate to your domain: http://yourdomain.com You’ll be greeted by the famous WordPress installation wizard. Follow these steps: Select your preferred language. Enter your site title, username, and password for the WordPress admin account. Click "Install WordPress." And just like that, you’ve done it!
Post a Comment
:: Read more..

:: Install NginX from source

:: What is NGINX nginx [engine x] is an HTTP and reverse proxy server, as well as a mail proxy server, written by  Igor Sysoev . o nginx :: How to install NGINX from source on OpenSUSE + installing dependency # zypper in pcre-devel zlib-devel libopenssl-devel + create username and group # groupadd nginx # useradd -r -g nginx nginx + compile and installing nginx # wget http://nginx.org/download/nginx-1.1.8.tar.gz # tar -xzf nginx-1.1.8.tar.gz # cd nginx-1.1.8 # ./configure --user=nginx --group=nginx --with-http_ssl_module # make && make install :: Starting / restarting httpd # /usr/local/nginx/sbin/nginx # /usr/local/nginx/sbin/nginx -s reload :: Link + Google + BlacKonsole
:: Read more..

:: How to Recompile Nginx in Ubuntu

  Recompiling Nginx on Ubuntu can be a crucial task for those who need to customize their web server to meet specific requirements. Whether you need to add new modules, optimize performance, or apply patches, recompiling Nginx allows you to tailor the server to your needs. This guide will walk you through the process step-by-step, ensuring you have a smooth and successful recompilation.   Understanding the Need for Recompilation Why Recompile Nginx? Recompiling Nginx is often necessary when you need to add or remove modules that are not included in the default package. For instance, if you need to integrate a third-party module for enhanced security or performance, recompilation is the way to go. Additionally, recompiling allows you to apply custom patches or optimizations that can significantly improve your server's efficiency. Benefits of Custom Compilation Custom compiling Nginx offers several advantages. Firstly, it provides greater control over the server's
Post a Comment
:: Read more..