VPN setup

OpenVPN setup

How to Setup and Configure an OpenVPN Server on CentOS 6

  1. add EPEL repository

    wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
    rpm -Uvh epel-release-6-8.noarch.rpm
    
  2. install openvpn package

    yum install openvpn -y
    
  3. copy sample config file

    find /usr/share/doc/openvpn-*/ -name server.conf -exec cp {} /etc/openvpn/ \;
    
  4. edit config file

    vi /etc/openvpn/server.conf
    

    uncomment the following line:

    push "redirect-gateway def1 bypass-dhcp"
    

    configure the DNS servers pushed to clients

    push "dhcp-option DNS 8.8.8.8"
    push "dhcp-option DNS 8.8.4.4"
    

    uncomment following lines

    user nobody
    group nobody
    
  5. keys and certificates

    git clone https://github.com/OpenVPN/easy-rsa
    cd easy-rsa
    git checkout origin/release/2.x
    
    
    mkdir -p /etc/openvpn/easy-rsa/keys
    cp -rf easy-rsa/2.0/* /etc/openvpn/easy-rsa/
    cd /etc/openvpn/easy-rsa/
    

    edit vars

    export KEY_COUNTRY="US"
    export KEY_PROVINCE="CA"
    export KEY_CITY="SanFrancisco"
    export KEY_ORG="Guisheng Inc."
    export KEY_EMAIL="i@guisheng.li"
    export KEY_OU="MyOrganizationalUnit"
    

    build ca

    source ./vars
    ./clean-all
    ./build-ca
    

    create certificate for server

    ./build-key-server server
    

    generate Diffie Hellman key exchange files

    ./build-dh
    cd keys/
    cp dh2048.pem ca.crt server.crt server.key /etc/openvpn/
    

    create client certificate

    cd /etc/openvpn/easy-rsa
    ./build-key client
    
  6. client setup
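
The notes leave this step empty. As an added example (not from the original notes), the script below bundles the step 5 output (`ca.crt`, `client.crt`, `client.key`) into a single `client.ovpn` with inline certificates. It assumes the server keeps the sample `server.conf` defaults (UDP, port 1194, `dev tun`, `comp-lzo`); `build_client_ovpn`, `pem_only` and `vpn.example.com` are names chosen for the example.

```shell
#!/bin/sh
# Added example: bundle the step 5 client files into one client.ovpn.
# Assumptions: the server still uses the sample server.conf defaults
# (proto udp, port 1194, dev tun, comp-lzo); the server address is a placeholder.

# Print only the PEM block of a file. The .crt files may carry a
# human-readable text dump before the PEM data; it is dropped here.
pem_only() {
    sed -n '/^-----BEGIN /,/^-----END /p' "$1"
}

# Usage: build_client_ovpn KEYS_DIR CLIENT_NAME SERVER_ADDR OUT_FILE
build_client_ovpn() {
    keys_dir=$1; name=$2; server=$3; out=$4
    # Refuse to write a partial profile if any input is missing.
    for f in ca.crt "$name.crt" "$name.key"; do
        [ -r "$keys_dir/$f" ] || { echo "missing $keys_dir/$f" >&2; return 1; }
    done
    # The profile embeds the private key: keep it owner-readable only,
    # both when newly created (umask) and when overwriting (chmod).
    (
        umask 077
        {
            printf '%s\n' client 'dev tun' 'proto udp' \
                "remote $server 1194" 'resolv-retry infinite' nobind \
                persist-key persist-tun comp-lzo 'verb 3'
            # Only accept a peer whose certificate is marked as a server
            # certificate, so another client cert cannot pose as the server.
            echo 'remote-cert-tls server'
            echo '<ca>';   pem_only "$keys_dir/ca.crt";    echo '</ca>'
            echo '<cert>'; pem_only "$keys_dir/$name.crt"; echo '</cert>'
            echo '<key>';  pem_only "$keys_dir/$name.key"; echo '</key>'
        } > "$out"
        chmod 600 "$out"
    )
}

# Example call (keys directory and client name from step 5):
# build_client_ovpn /etc/openvpn/easy-rsa/keys client vpn.example.com ./client.ovpn
```

Copy the resulting file to the client over a channel that protects the private key, such as `scp`.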

PPTP setup

Check the environment with the following command:

    cat /dev/net/tun

If the output is the following text, the check passed:

    cat: /dev/net/tun: File descriptor in bad state

See the post "How to Install PPTP VPN Server on CentOS 6.x" for instructions.

Bare Bones (PPTP) VPN Installer for CentOS 6.x

Installation

To get started with your own secure VPN, simply execute the following commands at your server's command line:

    yum install -y git
    # clone over HTTPS; GitHub no longer serves the unauthenticated git:// protocol
    cd /opt && git clone https://github.com/drewsymo/VPN.git
    cd VPN && bash vpn-setup-vanilla.sh

If you’re on Linode, you can simply rebuild your instance with the PPTP VPN Installer StackScript.

Note for OpenVZ users: one of the iptables rules used in this script (masquerade) is currently not virtualised in OpenVZ. This means you will need to run the following line once the CentOS PPTP VPN script has finished installing for it to work:

    iptables -t nat -A POSTROUTING -j SNAT --to-source x.x.x.x

Where x.x.x.x is your venet0 IP address.

In addition to this, you will also need OpenVZ kernel 2.6.32.

How do I connect to my VPN?

You can now connect to your VPN using your server's IP as the hostname (this depends on your VPN client).

The default username and password for your VPN server are:

    Username: myuser
    Password: mypass