This document discusses setting up an OpenVPN network between two sites. It includes generating certificates using OpenSSL, configuring a bridge and TAP interfaces using bridging-utils, and configuring the OpenVPN server and client. The OpenVPN server is configured to use the TAP interface and bridge, and authentication is set up using the certificates. Instructions are provided on starting the OpenVPN service and ensuring it starts at system boot.
4. su -c 'rpm -Uvh
http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-
5-3.noarch.rpm'
http://fedoraproject.org/wiki/EPEL
EPEL
Extra Packages for Enterprise Linux
12. Server Client
ca.crt ca.crt
gw1.crt gw2.crt
gw1.key gw2.key
dh1024.pem
/etc/openvpn
/usr/share/doc/openvpn-2.1/sample-config-files/
certificatele
care unde trebuie puse
13. port 1194
proto udp
dev tap0
ca ca.crt
cert gw1.crt
key gw1.key
dh dh1024.pem
server-bridge 192.168.1.1 255.255.255.0 192.168.1.230 192.168.1.235
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
server.conf
Serverul OpenVPN
14. client
dev tap0
proto udp
remote GW1_PUBLIC_IP 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert gw2.crt
key gw2.key
ns-cert-type server
comp-lzo
verb 3
client.conf
Clientul OpenVPN
15. service openvpn start
chkconfig openvpn on
startup
Pornirea servicului și setarea inițializării sistemului