Line 57: |
Line 57: |
| cp keys/dh1024.pem .. | | cp keys/dh1024.pem .. |
| | | |
− | The OpenVPN configuration along with authentication scripts file can be downloaded from my site. Download them and make the executable for root. There will be log files created in /var/log/openvpn indicating when users have logged in and out as well as login failures. | + | The OpenVPN configuration along with authentication scripts file can be downloaded from my site. Download them and make the executable for root. There will be log files created in /var/log/openvpn indicating when users have logged in and out as well as login failures. Only users that have VPN Client Access enabled in Server-Manager will be allowed to VPN. |
| | | |
− | cd .. | + | cd /etc/openvpn |
| + | mkdir -p /var/log/openvpn |
| wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/server.conf | | wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/server.conf |
− | mkdir -p /var/log/openvpn
| |
| wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff.sh | | wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff.sh |
| wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff_user.pl | | wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff_user.pl |
Line 107: |
Line 107: |
| You now need to add the VPN address range as a local networks in the server-manager under the Security section. | | You now need to add the VPN address range as a local networks in the server-manager under the Security section. |
| | | |
− | Router: IP address of the SME servers LAN net. I this example 192.168.1.1 | + | {{Note box|Router: IP address of the SME servers LAN net. I this example 192.168.1.1}} |
| | | |
| The last thing you need to do before the installation is complete is to do a small change in the /etc/openvpn/openvpn.up file. Change the 192.168.1.1 value to match router you used when adding a local network. | | The last thing you need to do before the installation is complete is to do a small change in the /etc/openvpn/openvpn.up file. Change the 192.168.1.1 value to match router you used when adding a local network. |
| + | |
| + | #!/bin/sh |
| + | route del -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.1.1 |
| + | route del -net 192.168.100.0 netmask 255.255.255.0 dev tap0 |
| + | route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.100.1 |
| | | |
| When you have changed the file to match your network we start the service. | | When you have changed the file to match your network we start the service. |
Line 124: |
Line 129: |
| collisions:0 | | collisions:0 |
| RX bytes:1802570258 (1719.0 Mb) TX bytes:1338165457 (1276.1 Mb) | | RX bytes:1802570258 (1719.0 Mb) TX bytes:1338165457 (1276.1 Mb) |
| + | |
| + | Now you want to ensure the the OpenVPN service starts every time you reboot your SME server. |
| + | |
| + | ln -s /etc/rc.d/init.d/openvpn /etc/rc7.d/S99OpenVPN |
| | | |
| ==OpenVPN Client Configuration== | | ==OpenVPN Client Configuration== |