OpenVPN
From ArchWiki
Contents |
Install
Install openvpn:
pacman -S openvpn
Also you may install ldap authentication module from AUR.
Prepare OpenSSL data
cd /usr/share/openvpn/easy-rsa source ./vars ./build-ca ./build-key-server <server-name>
Setting up server
Using PAM and passwords to authenticate
port 1194 proto udp dev tap ca /etc/openvpn/ca.crt cert /etc/openvpn/server.crt key /etc/openvpn/server.key dh /etc/openvpn/dh1024.pem server 192.168.56.0 255.255.255.0 ifconfig-pool-persist ipp.txt ;learn-address ./script client-to-client ;duplicate-cn keepalive 10 120 ;tls-auth ta.key 0 comp-lzo ;max-clients 100 ;user nobody ;group nobody persist-key persist-tun status /var/log/openvpn-status.log verb 3 client-cert-not-required username-as-common-name plugin /usr/lib/openvpn/openvpn-auth-pam.so login
Setting up client
Password authentication
client dev tap proto udp remote <address> 1194 resolv-retry infinite nobind persist-tun comp-lzo verb 3 auth-user-pass passwd ca ca.crt
passwd file (referenced by auth-user-pass) must contain two lines:
- first line - username
- second - password