OpenVPN
Has to be the best software vpn software I've came across so far. Install on ubuntu:http://linuxconfig.org/vpn-virtual-private-network-and-openvpn
Source install
# aptitude install liblzo2-dev # cd openvpn-2.1.1 ./configure --enable-small --disable-selinux \ --with-ssl-headers=/usr --with-ssl-lib=/usr \ --with-lzo-headers=/usr --with-lzo-lib=/usr \ --prefix=/usr --sysconfdir=/etc # make -j2 # make install # openvpn --version OpenVPN 2.1.1 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Apr 29 2010 Originally developed by James Yonan Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
Certificate
Clean up
cd /usr/share/doc/openvpn/easy-rsa source vars sh clean-all
Build ca
sh build-ca
Build server
sh build-key-server server
Build client(s)
sh build-key client1
Build dh
sh build-dh
Generated files will be under the keys directory.
Config files
server.confport 1234 proto tcp dev tun ca /etc/openvpn/ca.crt cert /etc/openvpn/server.crt key /etc/openvpn/server.key # This file should be kept secret dh /etc/openvpn/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt client-to-client keepalive 10 120 cipher DES-EDE3-CBC # Triple-DES comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log log /var/log/openvpn.log verb 3 tun-mtu 1400 # this is just for me
client.conf
client dev tun proto tcp remote vpngw.domain.tld 1234 resolv-retry infinite nobind user nobody group nogroup persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server cipher DES-EDE3-CBC comp-lzo verb 3 tun-mtu 1400
