1. Home
  2. LINUX TUTORIAL
  3. TUNNEL/VPN
  4. Routeros Mikrotik Tutorial - Install Open Vpn Server on CentOS

Routeros Mikrotik Tutorial - Install Open Vpn Server on CentOS

January 26, 2018
Install openvpn server di dedicated server,


Kali ini mengunakan CentOS 64bit sebagai OS.

$ wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
$ wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
$ yum install rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel
$ rpmbuild –rebuild lzo-1.08-4.rf.src.rpm
$ rpm -Uvh /usr/src/redhat/RPMS/x86_64/lzo-*.rpm
$ rpmbuild -tb openvpn-2.0.9.tar.gz
$ rpm -Uvh /usr/src/redhat/RPMS/x86_64/openvpn-2.0.9-1.i386.rpm
$ cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
$ cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/

Build certificate

$ cd /etc/openvpn/easy-rsa/2.0
$ source ./vars
$ ./vars
$ ./clean-all
$ ./build-ca
$ ./build-key-server server
$ ./build-dh

Build certificate untuk client sysadmin dan admins

$ ./build-key sysadmin
$ ./build-key admins
$ cp /etc/openvpn/easy-rsa/2.0/keys /etc/openvpn/keys -R

sekarang edit server.conf
$ vi /etc/openvpn/server.conf

perhatikan tanda (;) didepan, hapus tanda tersebut dan edit

local 71.201.xx.xx
port 1094
proto udp
dev tun
ca keys/ca.crt
cert keys/server.crt
key keys/server.key
dh keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.8.0.0 255.255.255.0"
push "redirect-gateway"
push "dhcp-option DNS 78.256.xx.xx"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3


Ganti local IP (local 71.201.xx.xx) dan DNS (push "dhcp-option DNS 78.256.xx.xx") dengan IP server dan DNS server anda.
Sedang port 1094 aku ganti 53 tujuanya ialah unuk untuk bypass (supaya mampu GPRS gratis).
Karena openvpn di jalakan pada port 53, maka service bind harus dimatikan semoga tidak konflik.

Jalankan openvpn service

$ service openvpn start

Enabling packet forwarding

$ echo 1 > /proc/sys/net/ipv4/ip_forward

NAT table MASQUERADING

$ iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Konfigurasi di server selesai, sekarang saatnya konfigurasi di client windows.

Unduh dan install OpenVPN GUI
http://openvpn.se/files/install_packages/openvpn-2.0.9-gui-1.0.3-install.exe

Copy ca.crt, sysadmin.crt, admins.crt, sysadmin.key, admins.key pada folder /etc/openvpn/keys di dedicated server.
kemudian simpan di folder
c:\program files\openvpn\config\sysadmin
dan
c:\program files\openvpn\config\admins
pada client windows

Kemudian buat file sysadmin.ovpn dan isi dengan konfigurasi dibawah ini

client
dev tun
proto udp
remote 71.201.xx.xx 1094
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert sysadmin.crt
key sysadmin.key
comp-lzo
verb 3


Simpan file tersebut pada folder c:\program files\openvpn\config\sysadmin\
Kemudia buat file lagi admins.ovpn dan isi dengan konfigurasi dibawah ini

client
dev tun
proto udp
remote 71.201.xx.xx 1094
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert admins.crt
key admins.key
comp-lzo
verb 3


Simpan file tersebut pada folder c:\program files\openvpn\config\admins\

Connectkan openvpn client.

Comments

Post a Comment

Subscribe to: Post Comments ( Atom )