debian6安装openvpn

http://b.gkp.cc/2010/08/01/setup-openvpn-server-on-linode-debian/
http://www.5ilinux.com/2011/04/debian6openvpn.html

 

1,安装
aptitude install openvpn

 

2,复制设置文件

cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn

cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/

cd /etc/openvpn

gzip -d server.conf.gz

 

 

3，生成KEY

cd easy-rsa/2.0

source vars

./clean-all

./build-ca // 这里会问你很多问题，都回车默认就行了

./build-key-server server

./build-key client

./build-dh

 

 

 

 

4，服务设置
vi /etc/openvpn/server.conf一些可能需要修改的关键部分：

;local a.b.c.d
local YOUR.IP.ADDRESS  // 这行是服务器的外网 IP 地址

push "redirect-gateway def1" // 把 openvpn 服务器作为网关

push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4" // 推送 Google DNS 服务器到客户端

client-to-client

 

 

client.conf
client
dev tun
proto udp
remote 1.2.3.4 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
verb 3
verb 3

 

 

5，NAT配置
vi /etc/rc.local
添加以下语句，您只要替换“208.110.73.134”为您自己的ip就行
# add iptables rule for openvpn
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to 208.110.73.134

iptables-save > /etc/iptables.up.rules

 

/etc/network/interface
pre-up iptables-restore</etc/iptables-rules