VPS installation openVPN basic tutorial

First of all, you have to have a VPS or a standalone server.

Because my VPS is openVZ, I found that the new openVZ VPS supports PPTP. However, I still use openVPN for security reasons.

This article will introduce some precautions for installing openvpn under debian 6 and install openVPN under xp.

Use one-click installation package to install openVPN

1. Check if your VPS supports Tun/Tap/nat/ppp, log in to VPS check

cat /dev/net /tun

If you return cat: /dev/net/tun: File descriptor in bad state Description tun is available.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j MASQUERADE

If you return iptables: No chain/target/match by that name means nat is also available of.

If the returned result is not described above, then your VPS service provider is not enabled by default. You can send a ticket to ask the VPS provider to provide this. My VPS did not provide this, and I sent a ticket, but it was solved very quickly.

2. Check the DNS of the server

vi /etc/resolv.conf

You can use the DNS server address provided by OpenDNS to be 208.67.222.222 208.67. 220.220 DNS Service provided by Google

8.8.8.8

8.8.4.4

3. Download John Malkowski's Debian OpenVPN script.

wget http://vpsnoc.com/scripts/debian-openvpn.sh

chmod +x debian-openvpn.sh

./debian-openvpn.sh< Br>

Continue to fill in the server and client information, select y when y/n appears.

Then download the generated keys.tgz from the local.

Do not use one-click installation package, install it step by step

The following content is referenced: VPS Detective Linode VPS OpenVPN installation configuration tutorial
(based on Debian/Ubuntu)

1.Installation

apt-get install openvpn udev lzop

2.OpenVPN provides "easy-rsa"; this set of encryption tools openvpn installed easy-rsa In the /usr/share/doc/openvpn/examples/easy-rsa/folder, you need to copy easy-rsa to /etc/openvpn in order for OpenVPN to work properly. Run the following command:

#cp - R /usr/share/doc/openvpn/examples/easy-rsa//etc/openvpn

Set in /etc/openvpn/easy-rsa/2.0/, basically all OpenVPN configurations are here.

Production CA Certificate:

cd /etc/openvpn/easy-rsa/2.0

source vars

./clean-all

./build-ca

./build-ca will prompt for some information, you can directly press Enter to press the default information.

3. Generate server-side certificates and keys:

./build-key-server server

You need to enter y twice.

4. Production client certificate and key:

./build-key client

The generated certificate and key are in /etc/openvpn/easy-rsa/2.0/keys/below.

5.Generate Diffie Hellman parameters:

./build-dh

6. Install and configure the openVPN client. See the reference for details.

Windows Client Download

1. Download OpenVPN: http://www.openvpn.net/index.php/open-source/downloads.html to download the latest version of the installation package.

2. Installation, it is recommended that win7/vista users install to non-system partitions. 3. Modify the virtual network card DNS, Google DNS: 8.8.8.8 and 8.8.4.4; OpenDNS 208.67.222.222 and 208.67.220.220.

4. Unzip keys.tgz to the config directory under the openVPN installation directory.

5. Run openVPN.

6. If there is nothing wrong, the installation is successful.

You can go to http://www.dnsstuff.com or facebook/twitter and other tests. Surprise waiting for you!

If you need to share this with your friends, you can create a new user and regenerate the client certificate.

cd /etc/openvpn/easy-rsa/2.0

./vars

./build-key user1

The newly generated user1. Crt, user1.key, user1.csr three files and *.ovpn and ca.crt, ca.key three files are downloaded to the local, edit the downloaded *.ovpn file will be the cert client1.crt and key client1 The .key is modified to: cert user1.crt and key user1.key.

Pack the above documents and send them to your friends. And extract it to the config directory.