vpn
Create TUN device:
  mkdir -p /dev/net
  mknod /dev/net/tun c 10 200
  chmod 600 /dev/net/tun
install ocserv 0.10.12:
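  wget ftp://ftp.infradead.org/pub/ocserv/ocserv-0.10.12.tar.xz
  tar xvf ocserv-0.10.12.tar.xz
  cd ocserv-0.10.12
  # build dependencies
  apt-get install build-essential pkg-config libgnutls28-dev libreadline-dev libseccomp-dev libwrap0-dev libnl-nf-3-dev liblz4-dev
  # the release tarball ships a configure script; run it before make
  ./configure && make && make install
  # gnutls-bin provides certtool
  apt-get install gnutls-bin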
Anyconnect
  http://dl.xxshe.com/cisco_anyconnect/
  https://software.cisco.com/download/release.html?mdfid=286281283&flowid=72322&softwareid=282364313&release=4.2.02075&relind=AVAILABLE&rellifecycle=&reltype=latest
  Description: Core / VPN Module - Windows / Standalone installer (MSI)
  Release: 4.3.05017
  Release Date: 19/Dec/2016
  File Name: anyconnect-win-4.3.05017-pre-deploy-k9.msi
  Size: 7.55 MB (7917056 bytes)
  MD5 Checksum: 6443495b38b3d8cc9ecdc77503d7ddf2
  SHA512 Checksum: 44635f944c3326039f7572481832fb20fd2ea3adfd7397ac8a8451eee7a6624d982e46bdb13585a5dc544943b2db6155328c7a0f97a7487efa8705c5130f5b0b
  Snapshot: https://goo.gl/re4k65
  Link: https://o84sq5a89.qnssl.com/anyconnect-win-4.3.05017-pre-deploy-k9.msi.zip
OpenVPN
installation:
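  apt-get install openvpn easy-rsa
  gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
  # replace the 1024-bit DH parameters referenced by the sample config
  sed -i 's/^dh dh1024.pem/dh dh2048.pem/g' /etc/openvpn/server.conf
  # uncomment the redirect-gateway push so client traffic is routed through the VPN
  sed -i 's/^;push "redirect-gateway def1 bypass-dhcp"/push "redirect-gateway def1 bypass-dhcp"/' /etc/openvpn/server.conf
  # then add this line to /etc/openvpn/server.conf:
  push "dhcp-option DNS 208.67.222.222"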
server.conf directives:
  local
  proto    # can be either udp or tcp
  ca
  cert
  key
  dh dh2048.pem
  server
  push "redirect-gateway def1 bypass-dhcp"
  push "dhcp-option DNS 8.8.8.8"
  cipher
  auth SHA256
cert:
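  make-cadir ~/openvpn-ca
  cd ~/openvpn-ca
  # in the vars file, set: export KEY_NAME="server"
  source vars
  # initialise the keys directory (this empties it)
  ./clean-all
  ./build-ca
  ./build-key-server server
  ./build-dh
  # shared HMAC key for tls-auth
  openvpn --genkey --secret keys/ta.key
  ./build-key client1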
firewall:
  -A POSTROUTING -s 10.8.0.0/8 -o wlp11s0 -j MASQUERADE
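check server.conf (added example, not part of the original notes): a small audit that confirms the edits above actually landed in the active config, i.e. dh is 2048 bits or larger, auth is SHA256 or stronger, a tls-auth key is referenced and a cipher is set. The function names and the sample config are made up for illustration, and the dh check goes by file name only.

```shell
#!/bin/sh
# Added example: audit an OpenVPN server.conf for the settings this page hardens.
# Prints one line per finding; the return status is the number of findings.

# First argument of an active (not ';' or '#' commented) directive, if present.
conf_value() { awk -v d="$2" '$1 == d { print $2; exit }' "$1"; }
# True when the directive appears uncommented.
conf_has()   { awk -v d="$2" '$1 == d { f = 1 } END { exit !f }' "$1"; }

findings=0
flag() { echo "FINDING: $*"; findings=$((findings + 1)); }

audit_openvpn_conf() {   # usage: audit_openvpn_conf FILE
    conf=$1; findings=0

    # dh: the stock sample references dh1024.pem; expect 2048 bits or more.
    # Assumption: the size is read from the file name (dhNNNN.pem), not the file.
    dh=$(conf_value "$conf" dh)
    bits=$(printf '%s\n' "$dh" | sed -n 's/^.*dh\([0-9][0-9]*\)\.pem$/\1/p')
    [ -n "$bits" ] && [ "$bits" -ge 2048 ] || flag "dh '${dh:-unset}': want dh2048.pem or larger"

    # auth: HMAC digest for packet authentication; this page sets SHA256.
    case $(conf_value "$conf" auth) in
        SHA256|SHA384|SHA512) ;;
        *) flag "auth is not SHA256 or stronger" ;;
    esac

    # tls-auth: ta.key only protects the handshake if the config references it.
    conf_has "$conf" tls-auth || flag "no tls-auth directive (ta.key unused)"

    # cipher: should be set explicitly rather than left to the version default.
    [ -n "$(conf_value "$conf" cipher)" ] || flag "no explicit cipher"

    return "$findings"
}

# Constructed sample: a stock-style config before the edits on this page.
sample_weak_conf() {
    cat <<'EOF'
proto udp
dh dh1024.pem
;tls-auth ta.key 0
;cipher AES-128-CBC
EOF
}

# Usage: sh audit.sh /etc/openvpn/server.conf
if [ $# -gt 0 ]; then audit_openvpn_conf "$1"; fi
```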
