Tuesday, August 24, 2010

OpenVPN. Configuration file

For OpenVPN to start automatically, the config file must be named:
*.conf for Linux, *.ovpn for M$
and be placed in:
M$: "C:\Program Files\OpenVPN\config\"
Linux: /etc/openvpn
In config file:
CLIENT/SERVER DESIGNATION:
    SERVER: Nothing is needed
    CLIENT:
    # SERVER IP ADDRESS
    remote 100.0.0.1
    #
TUNNEL MODE:
    TUN or TAP tunnel.
    # ETHERNET OR IP TUNNEL
    # "dev tun" will create a routed IP tunnel
    dev tun
    # "dev tap" will create an Ethernet tunnel
    dev tap
    # use "dev tun" or "dev tap" but not both
TUNNEL PORT:
    # TCP OR UDP TUNNEL
    # TCP tunnel
    proto tcp
    # UDP tunnel is recommended
    proto udp
    # use TCP or UDP but not both
    #
    # TCP OR UDP PORT
    port 1194
OpenVPN security:
Transparent tunnel:
    OpenVPN just tunnels the data without authentication, confidentiality, or integrity. In other words, there are no security checks whatsoever, and the data can be read as it passes through the tunnel.
    # Client AND Server configs
    # No integrity (hash function
    # algorithm)
    auth none
    # No encryption (cipher algorithm)
    cipher none
Preshared keys:
    # PRESHARED KEYS
    # Linux system
    secret /home/user/openvpn/key.txt
    # Windows system
    secret "C:\\Program Files\\OpenVPN\\config\\key.txt"
SSL/TLS:
    Server:
    # SSL/TLS SERVER
    tls-server
    Client:
    # SSL/TLS CLIENT
    tls-client
Certificates and public keys:
    Server:
    # CERTIFICATES AND PRIVATE KEY
    # Authority certificate (CA public key)
    ca ca.crt
    # Server certificate (server public key)
    cert server.crt
    # Server private key
    key server.key
    Client:
    # CERTIFICATES AND PRIVATE KEY
    # Authority certificate (CA public key)
    ca ca.crt
    # Client certificate (client public key)
    cert client.crt
    # Client private key
    key client.key
Diffie-Hellman (DH) settings:
    Server:
    # Diffie-Hellman settings
    dh dh1024.pem
    Client:
    # No DH setting on the client
    #
CIPHER ALGORITHM
    Server and Client:
    # CIPHER ALGORITHM
    cipher AES-256-CBC
HASH FUNCTION ALGORITHM
    Server and Client:
    # HASH FUNCTION ALGORITHM
    auth MD5
IP ADDRESSES:
    Static IP:
        Server:
        # IP ADDRESSING
        # IP mode example: use subnet mask 30 (routing)
        # Server IP: 10.8.0.1 ; Client IP: 10.8.0.2
        ifconfig 10.8.0.1 10.8.0.2
        # Bridge mode example
        # Server IP: 10.8.0.1
        ifconfig 10.8.0.1 255.255.255.0
        # Use bridged or routed settings but not
        # both
        # Client and Server must use the same
        # tunnel mode
        Client:
        # IP ADDRESSING
        # IP mode example:
        # Server IP: 10.8.0.1 ; Client IP: 10.8.0.2
        ifconfig 10.8.0.2 10.8.0.1
        # Bridge mode example
        # Client IP: 10.8.0.2
        ifconfig 10.8.0.2 255.255.255.0
        # Use bridged or routed settings but not
        # both
        # Client and Server must use the same
        # tunnel mode
    DHCP:
        Server:
        # DHCP SETTINGS
        # DHCP range
        # Server will take the first IP address
        server 10.8.0.0 255.255.255.0
        Client:
        # CLIENT ACCEPTS SERVER OPTIONS
        # The client should accept options pushed
        # by the server
        pull
Run:
    #openvpn path-to-config-file
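
A quick pre-flight check for the weak or conflicting settings listed above: auth none, cipher none, auth MD5, dh1024.pem, and a file that still contains both values of dev or proto. This is an added example, not part of the original post; lint_openvpn and SAMPLE are hypothetical names, and the DH size is assumed to be readable from the file name.

```python
import re

SINGLE_VALUED = ("dev", "proto", "cipher", "auth")  # "use one but not both"

def lint_openvpn(text):
    """Return a list of (directive, message) findings for one OpenVPN config."""
    values = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if parts and not parts[0].startswith(";"):
            values.setdefault(parts[0].lower(), []).append(parts[1:])
    findings = []
    for name in SINGLE_VALUED:
        distinct = {" ".join(a).lower() for a in values.get(name, [])}
        if len(distinct) > 1:
            findings.append((name, "conflicting values: " + ", ".join(sorted(distinct))))
    for args in values.get("cipher", []):
        if args and args[0].lower() == "none":
            findings.append(("cipher", "no encryption: tunnel data is readable in transit"))
    for args in values.get("auth", []):
        digest = args[0].lower() if args else ""
        if digest == "none":
            findings.append(("auth", "no integrity check on tunnel packets"))
        elif digest == "md5":
            findings.append(("auth", "MD5 is a deprecated digest; use e.g. SHA256"))
    for args in values.get("dh", []):
        # Assumption: the file name encodes the group size, as in dh1024.pem.
        m = re.search(r"dh(\d+)", args[0].lower()) if args else None
        if m and int(m.group(1)) < 2048:
            findings.append(("dh", f"{m.group(1)}-bit DH group; generate at least 2048 bits"))
    return findings

# Constructed sample: a server config assembled from the directives listed above.
SAMPLE = """\
dev tun
proto udp
tls-server
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
cipher AES-256-CBC
auth MD5
server 10.8.0.0 255.255.255.0
"""

if __name__ == "__main__":
    for directive, message in lint_openvpn(SAMPLE):
        print(f"{directive}: {message}")
```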