OpenVPN has 2 authentication modes:
1)
Static Key Mode: uses a pre-shared key for authentication. A pre-shared
key is generated and shared between both OpenVPN peers.
2) TLS/SSL mode: uses digital certificates for authentication and key exchange. An SSL session is established with both client and server authenticating each other with digital certificates.
In this tutorial, we will establish a point-to-point VPN tunnel using TLS/SSL mode, between two hosts:
Server: 192.168.3.2
Client: 192.168.3.1
The tunnel endpoints will be as follows:
Server: 10.8.0.2
Client: 10.8.0.1
The VPN tunnel end-points represent a secure alternate path between the two hosts. For example, from client, you can 'telnet' to the server over the VPN by using the tunnel endpoint address of the server, as shown below:
telnet 10.8.0.2
Or, you can 'telnet' directly to the server, by using the server's ip address, as shown below:
telnet 192.168.3.2
NOTE: Ensure that the address you use for the tunnel endpoints is not part of any existing subnet on both the machines.
In this tutorial, we use the sample keys and certificates from the dir '/usr/share/doc/openvpn-2.3.6/sample/sample-keys/'.
Server Configuration: (192.168.3.2)
1) Install EPEL Repository
[root@zserver1 ~]# yum install epel-release
2) Install packages
[root@zserver1 ~]# yum --disablerepo=\* --enablerepo=epel install openvpn
3) Files needed on the server. Sample files from the dir. '/usr/share/doc/openvpn-2.3.6/sample/sample-keys/'
a) CA's certificate (ca.crt)
b) Server's Certificate (server.crt)
c) Server's Private Key (server.key)
d) Diffie-Hellman Parameters (dh2048.pem)
4) Create the server config file '/etc/openvpn/server.conf'. Add the following entries.
dev tun
ifconfig 10.8.0.2 10.8.0.1
tls-server
dh /usr/share/doc/openvpn-2.3.6/sample/sample-keys/dh2048.pem
ca /usr/share/doc/openvpn-2.3.6/sample/sample-keys/ca.crt
cert /usr/share/doc/openvpn-2.3.6/sample/sample-keys/server.crt
key /usr/share/doc/openvpn-2.3.6/sample/sample-keys/server.key
5) Start VPN Server
[root@zserver1 openvpn]# systemctl start openvpn@server.service
6) Configure firewall. Open UDP port 1194 and enable virtual device 'tun0'.
[root@zserver1 openvpn]# firewall-cmd --zone=public --add-port=1194/udp --permanent
[root@zserver1 openvpn]#firewall-cmd --zone=public --add-interface=tun0 --permanent
[root@zserver1 openvpn]# firewall-cmd --reload
Client Configuration: (192.168.3.1)
1) Install EPEL Repository
[root@meru ~]# yum install epel-release
2) Install packages
[root@meru ~]# yum --disablerepo=\* --enablerepo=epel install openvpn
3) Files needed on the client. Sample files from the dir. '/usr/share/doc/openvpn-2.3.6/sample/sample-keys/'.
a) CA's certificate (ca.crt)
b) Client's Certificate (client.crt)
c) Client's Private Key (client.key)
4) Create the client config file '/etc/openvpn/client.conf'. Add the following entries.
remote 192.168.3.2
dev tun
ifconfig 10.8.0.1 10.8.0.2
tls-client
ca /usr/share/doc/openvpn-2.3.6/sample/sample-keys/ca.crt
cert /usr/share/doc/openvpn-2.3.6/sample/sample-keys/client.crt
key /usr/share/doc/openvpn-2.3.6/sample/sample-keys/client.key
5) Connect to the VPN Server
[root@meru ~]# openvpn --config /etc/openvpn/client.conf
6) Open another terminal window. And configure firewall. Enable virtual device 'tun0'.
[root@meru ~]# firewall-cmd --zone=public --add-interface=tun0 --permanent
[root@meru ~]# firewall-cmd --reload
7) To test the VPN, ping 10.8.0.2 from the client and 10.8.0.1 from the server
[root@meru ~]# ping 10.8.0.2
FULLZ AVAILABLE
ReplyDeleteFresh & valid spammed USA SSN+Dob Leads with DL available in bulk.
>>1$ each SSN+DOB
>>3$ each with SSN+DOB+DL
>>5$ each for premium fullz (700+ credit score with replacement guarantee)
Prices are negotiable in bulk order
Serious buyer contact me no time wasters please
Bulk order will be preferable
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com
OTHER STUFF YOU CAN GET
SSN+DOB Fullz
CC's with CVV's (vbv & non-vbv)
USA Photo ID'S (Front & back)
All type of tutorials available
(Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)
SMTP Linux Root
DUMPS with pins track 1 and 2
WU & Bank transfers
Socks, rdp's, vpn
Php mailer
Sql injector
Bitcoin cracker
Server I.P's
HQ Emails with passwords
All types of tools & tutorials.. & much more
Looking for long term business
For trust full vendor, feel free to contact
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com
Blogs and articles can be repurposed into other formats, such as podcasts or infographics Website Of Delhi expanding the reach and accessibility of the content to different audience segments.
ReplyDelete