[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
| howtos:misc:setting_up_openvpn [2013/02/02 20:54 (UTC)] – chrisabela | howtos:misc:setting_up_openvpn [2013/02/03 19:55 (UTC)] – chrisabela | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Openvpn - How to Set-up a Slackware Server and a Slackware Client ====== | + | ====== Openvpn - How to Set Up a Slackware Server and a Slackware Client ====== |
| ===== 1. Introduction ===== | ===== 1. Introduction ===== | ||
| Line 11: | Line 11: | ||
| ===== 2. Scope and Objective ===== | ===== 2. Scope and Objective ===== | ||
| - | The objective of this how-to is to serve as a tutorial for the readers to set-up a basic but functional Slackware VPN Server and Client over the Internet. | + | The objective of this how-to is to serve as a tutorial for the readers to set up a basic but functional Slackware VPN Server and Client over the Internet. |
| The emphasis of this tutorial is to provide you with a reliable method that you can easily follow to setup OpenVPN on Slackware Servers and Clients. Nevertheless the process is still not free from pitfalls and require some attention and determination to set up. | The emphasis of this tutorial is to provide you with a reliable method that you can easily follow to setup OpenVPN on Slackware Servers and Clients. Nevertheless the process is still not free from pitfalls and require some attention and determination to set up. | ||
| - | This document comprises of a selection of other similar tutorials found on Internet. In particular the methods described here were extracted from References (2) and (3). However these were cutomised to satisfy the objective. | + | This document comprises of a selection of other similar tutorials found on the Internet. In particular the methods described here were extracted from References (2) and (3). However these were cutomised to satisfy the objective. |
| ===== 3. Installation ===== | ===== 3. Installation ===== | ||
| Line 55: | Line 55: | ||
| ==== 4.3 Administrator Rights ==== | ==== 4.3 Administrator Rights ==== | ||
| - | You will need to have administrator rights to set-up the Openvpn. This applies to both the Server and the Client. In this tutorial, it will be assumed that all actions will be performed by the root user. | + | You will need to have administrator rights to set up the Openvpn. This applies to both the Server and the Client. In this tutorial, it will be assumed that all actions will be performed by the root user. |
| ==== 4.4 Possible Constraints and Possible Solutions for a WiFi equipped Client ==== | ==== 4.4 Possible Constraints and Possible Solutions for a WiFi equipped Client ==== | ||
| Line 67: | Line 67: | ||
| ===== 5. Creating a Public Key Infrastructure (PKI) using the easy-rsa Scripts ===== | ===== 5. Creating a Public Key Infrastructure (PKI) using the easy-rsa Scripts ===== | ||
| - | The PKI may be created on any computer with a VPN installation, | + | The PKI may be created on any computer with an Openvpn |
| - | The easy-rsa scripts referred to in this chapter reside in the /usr/doc/ directory. In contrast to most other distributions (that normally use / | + | The easy-rsa scripts referred to in this chapter reside in the /usr/doc/ directory. |
| It is not recommended to use this directory to create the PKI. This directory may be overwritten by an Openvpn package upgrade, and some files that will be created, should kept secret as otherwise the security of the created VPN would be compromised. | It is not recommended to use this directory to create the PKI. This directory may be overwritten by an Openvpn package upgrade, and some files that will be created, should kept secret as otherwise the security of the created VPN would be compromised. | ||
| Line 91: | Line 91: | ||
| The purpose of this recommendation is to assure consistency in the default values of some following steps that need to be followed. You should not be really worried about the exact meaning or the correctness of the chosen entries as the actual values will have no bearing on the success or failure of this exercise. | The purpose of this recommendation is to assure consistency in the default values of some following steps that need to be followed. You should not be really worried about the exact meaning or the correctness of the chosen entries as the actual values will have no bearing on the success or failure of this exercise. | ||
| - | The following is my complete vars file. The text in bold indicates the parts that I amended from the original. You may note some additional entries that were entered. Most of these are meant to to enhance the range of default values that will be immediately available, thus increasing the chances of a successful creation of the PKI. | + | The following is my complete vars file. You may note some additional entries that were entered. Most of these are meant to enhance the range of default values that will be immediately available, thus increasing the chances of a successful creation of the PKI. |
| < | < | ||
| Line 432: | Line 432: | ||
| ===== 7. Port Forwarding ===== | ===== 7. Port Forwarding ===== | ||
| - | You will need to forward traffic from the port you have chosen for Openvpn to be routed to the Server. To accomplish this you will need to provide your Server with a fixed IP and you will need to configure your router. You may use netconfig, wicd or network-manager to set the fixed IP on Slackware. Then you also need to consult the documentation provided with your router to set-up the selected IP address reserved for the Server, and the port forwarding. For our default Openvpn set-up, the UDP Port would be 1194. | + | You will need to forward traffic from the port you have chosen for Openvpn to be routed to the Server. To accomplish this you will need to provide your Server with a fixed IP and you will need to configure your router. You may use netconfig, wicd or network-manager to set the fixed IP on Slackware. Then you also need to consult the documentation provided with your router to set up the selected IP address reserved for the Server, and the port forwarding. For our default Openvpn set up, the UDP Port would be 1194. |
| In case if you have misplaced such documentation, | In case if you have misplaced such documentation, | ||
| Line 756: | Line 756: | ||
| ===== 11. Firewalls ===== | ===== 11. Firewalls ===== | ||
| - | In the previous chapter we referred to a firewall you may include to protect your Openvpn Server. | + | In the previous chapter we referred to a firewall you may include to protect your Openvpn Server. |
| In order to poke through the Client firewall your may want to try changing the port to 443 - normally reserved for https. Using TCP instead of UDP will also help. To make these change you will need to amend / | In order to poke through the Client firewall your may want to try changing the port to 443 - normally reserved for https. Using TCP instead of UDP will also help. To make these change you will need to amend / | ||
| Line 802: | Line 802: | ||
| </ | </ | ||
| - | ===== 12. References: ===== | + | ===== 12. References ===== |
| (1) http:// | (1) http:// | ||
| Line 812: | Line 812: | ||
| (4) http:// | (4) http:// | ||
| + | * Originally written by [[wiki: | ||
