This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
documentation:general:vpn:vpn_service_provider [2015/10/15 12:45] admin |
documentation:general:vpn:vpn_service_provider [2018/05/24 09:05] (current) |
||
---|---|---|---|
Line 29: | Line 29: | ||
Although most of the settings are mandatory there are a few options which needs to be adjusted: | Although most of the settings are mandatory there are a few options which needs to be adjusted: | ||
- | ^ Option ^ Action ^ | + | ^ Option ((https://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html)) ^ Action ^ |
| remote | set vpn-server of your choice | | | remote | set vpn-server of your choice | | ||
| proto | set protocol of your choice | | | proto | set protocol of your choice | | ||
Line 43: | Line 43: | ||
- Choose device-type 'TUN' | - Choose device-type 'TUN' | ||
- | {{:documentation:general:vpn:openvpn-upload-config.png?direct|}} | + | {{:documentation:general:vpn:openvpn-enabled.png?600|}} |
+ | {{:documentation:general:vpn:openvpn-certificates.png?600|}} | ||
==== Create authentication file ==== | ==== Create authentication file ==== | ||
- | 1) enable SSHd | + | For using an authentication file change the Operation Mode to 'Use Custom Configutation File'. |
- | {{:documentation:general:vpn:dropbear-enable-ssh.png?direct|}} | + | Create an Empty text-file on your Computer with an Editor of Choice(e.g. Notepad) |
+ | * this must not be an .docx, .rtf or other binary format file, but a plain text-file | ||
+ | |||
+ | The first line of the created file, should contain the Username, for your VPN access | ||
+ | |||
+ | The second line should contain the according password for the VPN access | ||
+ | |||
+ | Save and Close the file, then copy the text-file to the router as for [[:ssh_and_scp|SSH and SCP]] to the router at the location "/etc/vpnuserpass.conf" | ||
- | 2) edit authentication file | ||
===== Pre-Configs ===== | ===== Pre-Configs ===== | ||
Line 65: | Line 72: | ||
persist-tun | persist-tun | ||
script-security 2 | script-security 2 | ||
- | dev tun1 | ||
proto tcp-client | proto tcp-client | ||
cipher bf-cbc | cipher bf-cbc | ||
Line 74: | Line 80: | ||
ns-cert-type server | ns-cert-type server | ||
tun-ipv6 | tun-ipv6 | ||
- | auth-user-pass /etc/vpnuserpass.conf | ||
<ca> | <ca> | ||
-----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | ||
Line 169: | Line 174: | ||
<code> | <code> | ||
- | + | remote ny.east.usa.torguardvpnaccess.com 443 | |
+ | client | ||
+ | management 127.0.0.1 5001 | ||
+ | management-log-cache 50 | ||
+ | proto udp | ||
+ | comp-lzo adaptive | ||
+ | fast-io | ||
+ | script-security 2 | ||
+ | mtu-disc yes | ||
+ | verb 4 | ||
+ | mute 5 | ||
+ | cipher bf-cbc | ||
+ | auth sha1 | ||
+ | tun-mtu 1500 | ||
+ | resolv-retry infinite | ||
+ | nobind | ||
+ | persist-key | ||
+ | persist-tun | ||
+ | tls-client | ||
+ | remote-cert-tls server | ||
+ | <ca> | ||
+ | -----BEGIN CERTIFICATE----- | ||
+ | MIIDqzCCAxSgAwIBAgIJAP/g7Ah3SNNHMA0GCSqGSIb3DQEBBQUAMIGWMQswCQYD | ||
+ | VQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNVBAoT | ||
+ | CFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0ExDDAK | ||
+ | BgNVBCkTA1ZQTjEkMCIGCSqGSIb3DQEJARYVc3lzYWRtaW5AdG9yZ3VhcmQubmV0 | ||
+ | MB4XDTE0MDQwOTE0NDIyMloXDTI0MDQwNjE0NDIyMlowgZYxCzAJBgNVBAYTAlVT | ||
+ | MQswCQYDVQQIEwJGTDEQMA4GA1UEBxMHT3JsYW5kbzERMA8GA1UEChMIVG9yR3Vh | ||
+ | cmQxDDAKBgNVBAsTA1ZQTjETMBEGA1UEAxMKVEctT1ZQTi1DQTEMMAoGA1UEKRMD | ||
+ | VlBOMSQwIgYJKoZIhvcNAQkBFhVzeXNhZG1pbkB0b3JndWFyZC5uZXQwgZ8wDQYJ | ||
+ | KoZIhvcNAQEBBQADgY0AMIGJAoGBANeCV65/6z6cbGfZ6LouGl1W7A71x6CEerxN | ||
+ | wcFeLZx89DM0NxEBs47+gYYqhzKCR+6YCVduD29NMa5dzDwNFEmhOKrHhIposdY7 | ||
+ | JmNC2IeXxOSEcOMjBrRexqBN+CZx0bfj6H6qtlRFtkZlDvNritINiznJjG/DbA2X | ||
+ | jTO6J8f1AgMBAAGjgf4wgfswHQYDVR0OBBYEFPWAX1TtNU8tPbhRdYMGn98i9Hoi | ||
+ | MIHLBgNVHSMEgcMwgcCAFPWAX1TtNU8tPbhRdYMGn98i9HoioYGcpIGZMIGWMQsw | ||
+ | CQYDVQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNV | ||
+ | BAoTCFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0Ex | ||
+ | DDAKBgNVBCkTA1ZQTjEkMCIGCSqGSIb3DQEJARYVc3lzYWRtaW5AdG9yZ3VhcmQu | ||
+ | bmV0ggkA/+DsCHdI00cwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBx | ||
+ | 1VNcpbpAPzSz8gfT7iUiVPsSgHqhrzozEY8zpPoZkHDfo75P6AQnGwGdDHKljo6h | ||
+ | dkl1ZCTMd0CMbQbWzseNIZNwvHbE3hcnH0zxVKaGyNB6FNdhWVDNcvOhIZYvYbPM | ||
+ | fzWZQFXS/jfjjn1+p9UUQwPONvhoQaRhsUJOcrntug== | ||
+ | -----END CERTIFICATE----- | ||
+ | -----BEGIN CERTIFICATE----- | ||
+ | MIIEwTCCA6mgAwIBAgIJAKROjebUHo0gMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD | ||
+ | VQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNVBAoT | ||
+ | CFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0ExETAP | ||
+ | BgNVBCkTCFRvckd1YXJkMSQwIgYJKoZIhvcNAQkBFhVzeXNhZG1pbkB0b3JndWFy | ||
+ | ZC5uZXQwHhcNMTQwNDE3MTAwOTIzWhcNMjQwNDE0MTAwOTIzWjCBmzELMAkGA1UE | ||
+ | BhMCVVMxCzAJBgNVBAgTAkZMMRAwDgYDVQQHEwdPcmxhbmRvMREwDwYDVQQKEwhU | ||
+ | b3JHdWFyZDEMMAoGA1UECxMDVlBOMRMwEQYDVQQDEwpURy1PVlBOLUNBMREwDwYD | ||
+ | VQQpEwhUb3JHdWFyZDEkMCIGCSqGSIb3DQEJARYVc3lzYWRtaW5AdG9yZ3VhcmQu | ||
+ | bmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws1hJzlbWKlm3DEO | ||
+ | XyQpmvtxwrsR4CIYMi8C6np5w74lTRYmGBcuuPqAT3ig2DnH9HNNFx1WWZbYO8pU | ||
+ | a1tdn7uYErJi4EP9/t2l3uXCNgoWYVdVP1j5EXIY1oacOv9srbNZHeWpxHIb1wZr | ||
+ | 1i4sLsdaifOibgVZI91FATXGrVdFDaQb2OjyJrFW8b4xbC8pBJxQDzqPeu9mkVpu | ||
+ | OhBuU+dM+9h+8Bj0tpdAernEAt8CbHIywe9Rjm0JLrYmCPKuB5ldVgG3rYQWFa3X | ||
+ | YWjrWtr//nGM4f4WKOFc2PHWA2gI3JwdynTNLsB9NQi0N7hhR6lmtCMeqHlm0oAz | ||
+ | 4Ad4gQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFJvAPA1gnlD/majxi+43jL0XDfqQ | ||
+ | MIHQBgNVHSMEgcgwgcWAFJvAPA1gnlD/majxi+43jL0XDfqQoYGhpIGeMIGbMQsw | ||
+ | CQYDVQQGEwJVUzELMAkGA1UECBMCRkwxEDAOBgNVBAcTB09ybGFuZG8xETAPBgNV | ||
+ | BAoTCFRvckd1YXJkMQwwCgYDVQQLEwNWUE4xEzARBgNVBAMTClRHLU9WUE4tQ0Ex | ||
+ | ETAPBgNVBCkTCFRvckd1YXJkMSQwIgYJKoZIhvcNAQkBFhVzeXNhZG1pbkB0b3Jn | ||
+ | dWFyZC5uZXSCCQCkTo3m1B6NIDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA | ||
+ | A4IBAQBRG46DnL/8EAPbi/eOQli5WO7lRHYyZJdlLUMlsnwkp6Ul6BMJq8q3UX3z | ||
+ | +pqDf3wzj94y/IpGQgE4l0fgAdwf/C7F533TSwU/vi+5PDWfwD2WmGqVmcmXn6Rp | ||
+ | 9Fwr+oryRw8GfsVBLZHTkWF1RZrRAr8hWZhNySGFwSXlEIicvNy+9mlFhk2Nb46w | ||
+ | ioZKc1Lc7/okeXNWHPv6Dlm39TcNBpGX/xNoWBzqs1EtA1ZGvMcQHsKLfi3Nbaab | ||
+ | BYe08KWsfeZA+ih4BZ6y2E+x84NYHRebqijXTtHp35coyXllBL/+LBoZ86hKszEx | ||
+ | F3pjGU0+8NzvdPUbKndhzyPPnHF1 | ||
+ | -----END CERTIFICATE----- | ||
+ | </ca> | ||
</code> | </code> | ||
==== Privateinternetaccess ==== | ==== Privateinternetaccess ==== | ||
<code> | <code> | ||
+ | # | ||
+ | #Set the Server of Choice | ||
remote us-west.privateinternetaccess.com 1194 | remote us-west.privateinternetaccess.com 1194 | ||
+ | # | ||
+ | # | ||
client | client | ||
- | auth-user-pass /etc/vpnuserpass.conf | + | management 127.0.0.1 14 |
- | management 127.0.0.1 5001 | + | management-log-cache 250 |
- | management-log-cache 50 | + | status openvpn-status.log |
- | dev tun0 | + | |
proto udp | proto udp | ||
comp-lzo adaptive | comp-lzo adaptive | ||
Line 196: | Line 275: | ||
tls-client | tls-client | ||
remote-cert-tls server | remote-cert-tls server | ||
- | log-append piavpn.log | ||
status-version 3 | status-version 3 | ||
- | status status | + | <ca> |
- | daemon | + | |
- | <cert> | + | |
-----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | ||
MIID2jCCA0OgAwIBAgIJAOtqMkR2JSXrMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD | MIID2jCCA0OgAwIBAgIJAOtqMkR2JSXrMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD | ||
Line 224: | Line 300: | ||
llQlzAzFiIfabACTQn84QLeLOActKhK8hFJy2Gy6 | llQlzAzFiIfabACTQn84QLeLOActKhK8hFJy2Gy6 | ||
-----END CERTIFICATE----- | -----END CERTIFICATE----- | ||
- | </cert> | + | </ca> |
</code> | </code> |