Beranda » Slack|Ware » Konfigurasi OpenVPN Di Slackware

Konfigurasi OpenVPN Di Slackware

Start here

assalamu alikum wr.wb.

sy pengen berceritra ttng OpenVPN karena ini adalah tugas akhir sy di suatu kampus yg ada di INDONESIA..///
1). Virtual Private Networking
VPN (Virtual Private Network) merupakan suatu cara untuk membuat sebuah jaringan bersifat “private” dan aman dengan menggunakan jaringan publik misalnya internet. VPN dapat mengirim data antara dua komputer yang melewati jaringan publik sehingga seolah-olah terhubung secara point to point. Data dienkapsulasi (dibungkus) dengan header yang berisi informasi routing untuk mendapatkan koneksi point to point sehingga data dapat melewati jaringan publik dan dapat mencapai akhir tujuan.

linux slackware telah disiapkan openvpn tinggal di konfigurasi agar openvpn bisa jalan.
pasti temen2 bertanya apa itu openvpn? silahkan cari di google penjelasan tentang openvpn or VPN,
karena saya cuman mo jelasin konfigurasi2:

yang pertama kita harus lakukan adalah copy file openvpn yang ada di /usr/doc/openvpn-2.1.1 itu untuk di slack saya.
yang dicopy adalah:
1. easy-rsa
2. server.conf (untuk server), client.conf (untuk client)

bash~$ su
password

root-^_^-5L4cKy:~# cp -R /usr/doc/openvpn-2.1.1/easy-rsa/ /etc/openvpn/

root-^_^-5L4cKy:/etc/openvpn# cp /usr/doc/openvpn-2.1.1/sample-config-files/server.conf /etc/openvpn/

setelah tercopy.. kita membuat tunnelling (tun) di /dev/net

root-^_^-5L4cKy:/dev/net# mknod tun c 10 200

setelah itu buat cert & key untuk server dan client
persisnya seperti ini:

root-^_^-5L4cKy:/etc/openvpn/easy-rsa/2.0# source ./vars

NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys

root-^_^-5L4cKy:/etc/openvpn/easy-rsa/2.0# ./clean-all

root-^_^-5L4cKy:/etc/openvpn/easy-rsa/2.0# ./build-ca

Generating a 1024 bit RSA private key
……………..++++++
…..++++++
writing new private key to ‘ca.key’

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name ( 2 letter code) [US]:
State or Province Name (full name) [CA]:
Locality Name (eg, city) [SanFrancisco]:
Organization Name (eg, company) [Fort-Funston]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server’s hostname) [Fort-Funston CA]:
Name []:5L4cKy
Email Address [me@myhost.mydomain]:

root-^_^-5L4cKy:/etc/openvpn/easy-rsa/2.0# ./build-key-server 5L4cKy

Generating a 1024 bit RSA private key
……………………………………++++++
….++++++
writing new private key to ’5L4cKy.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [US]:
State or Province Name (full name) [CA]:
Locality Name (eg, city) [SanFrancisco]:
Organization Name (eg, company) [Fort-Funston]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server’s hostname) [5L4cKy]:
Name []:
Email Address [me@myhost.mydomain]:

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject’s Distinguished Name is as follows
countryName : PRINTABLE:’US’
stateOrProvinceName : PRINTABLE:’CA’
localityName : PRINTABLE:’SanFrancisco’
organizationName : PRINTABLE:’Fort-Funston’
commonName : PRINTABLE:’server’
emailAddress : IA5STRING:’me@myhost.mydomain’

Certificate is to be certified until Nov 4 06:51:49 2020 GMT (3650 days)
Sign the certificate? [y/n]:yes

1 out of 1 certificate requests certified, commit? [y/n]yes
Write out database with 1 new entries
Data Base Updated

root-^_^-5L4cKy:/etc/openvpn/easy-rsa/2.0# ./build-key client1

Generating a 1024 bit RSA private key
…………………..++++++
……….++++++
writing new private key to ‘client1.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [US]:
State or Province Name (full name) [CA]:
Locality Name (eg, city) [SanFrancisco]:
Organization Name (eg, company) [Fort-Funston]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server’s hostname) [client1]:
Name []:
Email Address [me@myhost.mydomain]:

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf
Check that the request matches the signature
Signature ok
countryName : PRINTABLE:’US’
stateOrProvinceName : PRINTABLE:’CA’
localityName : PRINTABLE:’SanFrancisco’
organizationName : PRINTABLE:’Fort-Funston’
commonName : PRINTABLE:’client’
emailAddress : IA5STRING:’me@myhost.mydomain’
Certificate is to be certified until Nov 4 06:52:59 2020 GMT (3650 days)
Sign the certificate? [y/n]:yes

1 out of 1 certificate requests certified, commit? [y/n]yes
Write out database with 1 new entries
Data Base Updated

root-^_^-5L4cKy:/etc/openvpn/easy-rsa/2.0# ./build-dh

Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
……+……………………………………………+……………………………………………………+…………………….

setelah pembuatan cert & key server dan client kita dapat melihatnya di /keys
copy file-file yang ada di direktory keys ke direktory /etc/openvpn
yang di copy adalah:
5L4cKy.crt, 5L4cKy.key, 5L4cKy.csr, ca.crt, ca.key, dh1024.pem, 01.pem, 02.pem
untuk client1.key, client1.crt, client1.csr di copy ke komputer client.
setalah file-file telah tercopy, edit server.conf (untuk servernya)
yang perlu di edit adalah
local, a.b.c.d itu untuk IP
dan
ca ca.crt
cert server.crt
key server.key

sebagai contoh.
local. 127.0.0.1
dan
ca ca.crt
cert 5L4cKy.crt
key 5L4cKy.key.

setelah itu jalankan dengan perintah:

(untuk server)

root-^_^-5L4cKy:/etc/openvpn# openvpn server.conf

untuk client1

root-^_^-5L4cKy:/etc/openvpn# openvpn client.conf

oh ya jangan lupa edit juga client.conf di client supaya bisa konek antar server dan klient

semoga bisa bermanfaat!

thanks’

[+] Author :
1. vim-n4n0
2. 8l4ck-h4t
3. Amran MT

moga bermanfaat …!!!


1 Komentar

  1. formlife iris eye gel is it a scam

    Konfigurasi OpenVPN Di Slackware « .:BLOG:.

Tinggalkan Balasan

Please log in using one of these methods to post your comment:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s