Changes

From SME Server
Jump to navigationJump to search
472 bytes added ,  11:06, 1 September 2008
no edit summary
Line 57: Line 57:  
  cp keys/dh1024.pem ..
 
  cp keys/dh1024.pem ..
   −
The OpenVPN configuration along with authentication scripts file can be downloaded from my site. Download them and make the executable for root. There will be log files created in /var/log/openvpn indicating when users have logged in and out as well as login failures.
+
The OpenVPN configuration along with authentication scripts file can be downloaded from my site. Download them and make the executable for root. There will be log files created in /var/log/openvpn indicating when users have logged in and out as well as login failures. Only users that have VPN Client Access enabled in Server-Manager will be allowed to VPN.
   −
  cd ..
+
  cd /etc/openvpn
 +
mkdir -p /var/log/openvpn
 
  wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/server.conf
 
  wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/server.conf
mkdir -p /var/log/openvpn
   
  wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff.sh
 
  wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff.sh
 
  wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff_user.pl
 
  wget -N http://sme.swerts-knudsen.dk/downloads/OpenVPN/logoff_user.pl
Line 107: Line 107:  
You now need to add the VPN address range as a local networks in the server-manager under the Security section.  
 
You now need to add the VPN address range as a local networks in the server-manager under the Security section.  
   −
Router: IP address of the SME servers LAN net. I this example 192.168.1.1
+
{{Note box|Router: IP address of the SME servers LAN net. I this example 192.168.1.1}}
    
The last thing you need to do before the installation is complete is to do a small change in the /etc/openvpn/openvpn.up file. Change the 192.168.1.1 value to match router you used when adding a local network.
 
The last thing you need to do before the installation is complete is to do a small change in the /etc/openvpn/openvpn.up file. Change the 192.168.1.1 value to match router you used when adding a local network.
 +
 +
#!/bin/sh
 +
route del -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.1.1
 +
route del -net 192.168.100.0 netmask 255.255.255.0 dev tap0
 +
route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.100.1
    
When you have changed the file to match your network we start the service.
 
When you have changed the file to match your network we start the service.
Line 124: Line 129:  
           collisions:0
 
           collisions:0
 
           RX bytes:1802570258 (1719.0 Mb)  TX bytes:1338165457 (1276.1 Mb)
 
           RX bytes:1802570258 (1719.0 Mb)  TX bytes:1338165457 (1276.1 Mb)
 +
 +
Now you want to ensure the the OpenVPN service starts every time you reboot your SME server.
 +
 +
ln -s /etc/rc.d/init.d/openvpn /etc/rc7.d/S99OpenVPN
    
==OpenVPN Client Configuration==
 
==OpenVPN Client Configuration==
177

edits

Navigation menu