[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
howtos:misc:setting_up_openvpn [2013/02/03 15:04 (UTC)] – chrisabela | howtos:misc:setting_up_openvpn [2013/02/03 19:55 (UTC)] – chrisabela | ||
---|---|---|---|
Line 69: | Line 69: | ||
The PKI may be created on any computer with an Openvpn installation, | The PKI may be created on any computer with an Openvpn installation, | ||
- | The easy-rsa scripts referred to in this chapter reside in the /usr/doc/ directory. In contrast to most other distributions (that normally use / | + | The easy-rsa scripts referred to in this chapter reside in the /usr/doc/ directory. |
It is not recommended to use this directory to create the PKI. This directory may be overwritten by an Openvpn package upgrade, and some files that will be created, should kept secret as otherwise the security of the created VPN would be compromised. | It is not recommended to use this directory to create the PKI. This directory may be overwritten by an Openvpn package upgrade, and some files that will be created, should kept secret as otherwise the security of the created VPN would be compromised. | ||
Line 91: | Line 91: | ||
The purpose of this recommendation is to assure consistency in the default values of some following steps that need to be followed. You should not be really worried about the exact meaning or the correctness of the chosen entries as the actual values will have no bearing on the success or failure of this exercise. | The purpose of this recommendation is to assure consistency in the default values of some following steps that need to be followed. You should not be really worried about the exact meaning or the correctness of the chosen entries as the actual values will have no bearing on the success or failure of this exercise. | ||
- | The following is my complete vars file. You may note some additional entries that were entered. Most of these are meant to to enhance the range of default values that will be immediately available, thus increasing the chances of a successful creation of the PKI. | + | The following is my complete vars file. You may note some additional entries that were entered. Most of these are meant to enhance the range of default values that will be immediately available, thus increasing the chances of a successful creation of the PKI. |
< | < | ||
Line 756: | Line 756: | ||
===== 11. Firewalls ===== | ===== 11. Firewalls ===== | ||
- | In the previous chapter we referred to a firewall you may include to protect your Openvpn Server. | + | In the previous chapter we referred to a firewall you may include to protect your Openvpn Server. |
In order to poke through the Client firewall your may want to try changing the port to 443 - normally reserved for https. Using TCP instead of UDP will also help. To make these change you will need to amend / | In order to poke through the Client firewall your may want to try changing the port to 443 - normally reserved for https. Using TCP instead of UDP will also help. To make these change you will need to amend / | ||
Line 802: | Line 802: | ||
</ | </ | ||
- | ===== 12. References: ===== | + | ===== 12. References ===== |
(1) http:// | (1) http:// | ||
Line 812: | Line 812: | ||
(4) http:// | (4) http:// | ||
+ | * Originally written by [[wiki: | ||