Cara Install Manual OpenVPN

Posted: July 4, 2010 in Open VPN

1. gcc
2. rpm-build
3. autoconf.noarch
4. zlib-devel
5. pam-devel
6. openssl-devel
7. make

install langsung semua nya

yum -y install gcc rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel make wget iptables
wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
for 32bit
rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
for 64bit
rpm -Uvh /usr/src/redhat/RPMS/x86_64/lzo-*.rpm
1
rpmbuild -tb openvpn-2.0.9.tar.gz
for 32bit
rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm
for 64bit
rpm -Uvh /usr/src/redhat/RPMS/x86_64/openvpn-2.0.9-1.x86_64.rpm
cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/
cd /etc/openvpn/easy-rsa/2.0
source ./vars
./vars
./clean-all
./build-ca
./build-key-server server
./build-dh
cp /etc/openvpn/easy-rsa/2.0/keys /etc/openvpn/keys -R
cd /etc/openvpn/
cp server.conf server.conf.bak
rm -rf server.conf
nano server.conf
dev tun

kita buat port 53 : 80 : 138 : 443

nano 53.conf
?View Code CONF53
port 53
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3
nano 80.conf
?View Code CONF80
port 80
proto tcp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3
nano 138.conf
?View Code CONF138
port 138
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3
nano 443.conf
?View Code CONF443
port 443
proto tcp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3

tes openvpn confnya udah bener pa belon

openvpn /etc/openvpn/53.conf
openvpn /etc/openvpn/80.conf
openvpn /etc/openvpn/138.conf
openvpn /etc/openvpn/443.conf

Enabling packet forwarding dengan command:

echo 1 > /proc/sys/net/ipv4/ip_forward

Edit NAT table untuk MASQUERADING Command berikut :

*server Dedicated

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

*Sedangkan untuk VPS,

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to xxx.xxx.xxx.xxx

*Sedangkan untuk Xen VPS

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to xxx.xxx.xxx.xxx

start openvpn dan iptable

service openvpn start
service iptables start
service openvpn restart

ca.crt di direktori /etc/openvpn/keys/

untuk add user

adduser zonet -m -s /bin/false
passwd zonet

Client Only

Download OpenVPN

?View Code ZONET053
client
dev tun
proto udp
remote xxx.xxx.xxx.xxx 53
route-method exe
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3
?View Code ZONET080
client
dev tun
proto tcp
remote xxx.xxx.xxx.xxx 80
route-method exe
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3
?View Code ZONET138
client
dev tun
proto udp
remote xxx.xxx.xxx.xxx 138
route-method exe
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3
?View Code ZONET443
client
dev tun
proto tcp
remote xxx.xxx.xxx.xxx 443
route-method exe
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3

copy file tersebut di c:\program files\openvpn\config

tested on XEN server centos 5.3 64bit

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s