有人研究过vyatta的OpenVPN么

小狼 · 发表于 2009-9-1 20:45:02

马上注册，结交更多好友，享用更多功能，让你轻松玩转社区。

您需要登录才可以下载或查看，没有账号？注册

×

。。。研究了半天实在搞不懂。。
本人愚钝。。E文不好，Linux又不是很精通。。
希望有人做成功的，给个范例。
vyatta的pdf我看了，就卡在生成key和证书的那步。崩溃了。。。
各位帮帮忙。。。

ksshihao · 发表于 2009-12-2 16:18:37

vyatta@kmipv6:~$ show configuration
interfaces {
ethernet eth0 {
address 192.168.0.254/24
description LAN
hw-id 00:15:17:4a:21:1d
}
ethernet eth1 {
address 220.163.111.154/24
description WAN
hw-id 00:13:72:2e:a3:2c
}
loopback lo {
}
}
protocols {
static {
route 0.0.0.0/0 {
next-hop 220.163.111.153 {
}
}
}
}
service {
dhcp-server {
disabled false
shared-network-name dhcpserver {
authoritative disable
subnet 192.168.0.0/24 {
default-router 192.168.0.254
dns-server 222.172.200.68
dns-server 61.166.150.123
start 192.168.0.1 {
stop 192.168.0.250
}
}
}
}
https
nat {
rule 1 {
destination {
}
outbound-interface eth1
protocol all
source {
address 192.168.0.0/24
}
type masquerade
}
rule 100 {
destination {
address 220.163.111.154
port 80
}
inbound-interface eth1
inside-address {
address 192.168.0.150
}
protocol tcp
source {
address 0.0.0.0/0
}
type destination
}
}
ssh {
allow-root true
protocol-version all
}
telnet {
allow-root false
}
}
system {
gateway-address 220.163.111.153
host-name kmipv6
login {
user root {
authentication {
encrypted-password ****************
}
}
user vyatta {
authentication {
encrypted-password ****************
}
}
}
name-server 222.172.200.68
name-server 61.166.150.123
ntp-server 69.59.150.135
package {
auto-sync 1
repository community {
components main
distribution stable
url http://packages.vyatta.com/vyatta
}
}
}
vpn {
ipsec {
ipsec-interfaces {
interface eth1
}
nat-networks {
allowed-network 192.168.0.0/24 {
}
}
nat-traversal enable
}
l2tp {
remote-access {
authentication {
local-users {
username vpn {
password ****************
}
}
mode local
}
client-ip-pool {
start 192.168.0.211
stop 192.168.0.220
}
ipsec-settings {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
}
outside-address 220.163.111.154
outside-nexthop 220.163.111.153
}
}
pptp {
remote-access {
authentication {
local-users {
username vpn {
password ****************
}
}
mode local
}
client-ip-pool {
start 192.168.0.201
stop 192.168.0.210
}
outside-address 220.163.111.154
}
}
}

chenxin · 发表于 2009-12-16 16:42:27

证书生成可以参考这里
http://openvpn.net/index.php/ope ... tion/howto.html#pki

小狼 · 发表于 2009-12-29 13:46:45

我靠~~楼上两位太帅了。

ikic · 发表于 2010-3-1 22:53:43

放在生产环境了吗

账号		自动登录	找回密码
密码			注册

[Vyatta] 有人研究过vyatta的OpenVPN么

马上注册，结交更多好友，享用更多功能，让你轻松玩转社区。