Quick & Dirty HowtoConfiguration de la partie Serveur:apt-get install openvpn openssl cp -R /usr/share/doc/openvpn/examples/easy-rsa /etc/openvpn/ cd /etc/openvpn/easy-rsa/2.0 vi vars (change KEY_COUNTRY) ../vars ./clean-all ./build-ca ./build-key-server server ./build-key client1 ./build-dh cd /etc/openvpn/easy-rsa/2.0/keys cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn cd /etc/openvpn vi openvpn.confContenu d'openvpn.conf
port 1194 proto tcp dev tun ca ca.crt cert server.crt key server.key dh dh1024.pem server 172.16.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt keepalive 10 120 comp-lzo user nobody group users persist-key persist-tun status openvpn-status.log verb 3 client-to-clientDémarrer le service:
/etc/init.d/openvpn startConfiguration de la partie Client:
- récupérer les fichiers:
ca.crt client1.crt client1.key- Créer un profil client:
client dev tun proto tcp remote ip-or-hostname-of-your-openvpn-server 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client1.crt key client1.key comp-lzo verb 3Si on veut rediriger TOUT le trafic vers le VPN, voici une config:
remote ip-or-hostname-of-your-openvpn-server 1194 udp pull comp-lzo adaptive ca ca.crt redirect-gateway def1 dev tun cert client1.cert key client1.key tls-client nobind dhcp-option DNS ip-du-serveur-dnsEt c'est parti !