OpenVPN Kurulum Sorunu
Debian sunucum var. VPN Kurmak istiyorum. Araştırdım ve en son http://yvz.ath.cx/programs/openvpn/ipv6-ipv4-tunnel-broker/debian-openvpn-server
kaynağından birebir kurulumu takip ettim. Lakin geldim biryerde kaldım.
/etc/init.d/openvpn start yazınca Starting virtual private network daemon: sunucu failed! hatası çıkıyor.
Peki diyorum bir alt adıma geçeyim. ifconfig tun0 yazıp herşey düzgün gitmişmi bir kontrol edelim demişler.
Bende ifconfig tun0 yazıyorum.Lakin tun0: error fetching interface information: Device not found hatasını veriyor.
Oysa benim server'da eth0 ve eth1 var. Bu tun0 nedir? Olması gerekiyor mu? Yoksa bunu sanal olarak mı oluşturmuş olmalıydım yukarıdaki işlemleri yaparken anlayaladım gitti.
Ne yapmam gerekiyor bu linkini verdiğim yazıda tun0 olarak bana yazdırdığı yerlere eth0 mı yazmalıyım acaba? Yoksa ne yapmalıyım? Lütfen yardımcı olurmusunuz?
Teşekkür ederim. Bakıyorum hemen.
Olmadı çözemedim. 🙁
Creating configuration files for server and clients
Getting the sample config files
It's best to use the OpenVPN sample configuration files as a starting point for your own configuration. These files can also be found in
§ the sample-config-files directory of the OpenVPN source distribution
§ the sample-config-files directory in /usr/share/doc/packages/openvpn or /usr/share/doc/openvpn-2.0 if you installed from an RPM package
§ Start Menu -> All Programs -> OpenVPN -> OpenVPN Sample Configuration Files on Windows
Note that on Linux, BSD, or unix-like OSes, the sample configuration files are named server.conf and client.conf. On Windows they are named server.ovpn and client.ovpn.
Editing the server configuration file
The sample server configuration file is an ideal starting point for an OpenVPN server configuration. It will create a VPN using a virtual TUN network interface (for routing), will listen for client connections on UDP port 1194 (OpenVPN's official port number), and distribute virtual addresses to connecting clients from the 10.8.0.0/24 subnet.
Before you use the sample configuration file, you should first edit the ca, cert, key, and dh parameters to point to the files you generated in the PKI section above.
At this point, the server configuration file is usable, however you still might want to customize it further:
§ If you are using Ethernet bridging, you must use server-bridge and dev tap instead of server and dev tun.
§ If you want your OpenVPN server to listen on a TCP port instead of a UDP port, use proto tcp instead of proto udp (If you want OpenVPN to listen on both a UDP and TCP port, you must run two separate OpenVPN instances).
§ If you want to use a virtual IP address range other than 10.8.0.0/24, you should modify the server directive. Remember that this virtual IP address range should be a private range which is currently unused on your network.
§ Uncomment out the client-to-client directive if you would like connecting clients to be able to reach each other over the VPN. By default, clients will only be able to reach the server.
§ If you are using Linux, BSD, or a Unix-like OS, you can improve security by uncommenting out the user nobody and group nobody directives.
If you want to run multiple OpenVPN instances on the same machine, each using a different configuration file, it is possible if you:
§ Use a different port number for each instance (the UDP and TCP protocols use different port spaces so you can run one daemon listening on UDP-1194 and another on TCP-1194).
§ If you are using Windows, each OpenVPN configuration needs to have its own TAP-Win32 adapter. You can add additional adapters by going to Start Menu -> All Programs -> OpenVPN -> Add a new TAP-Win32 virtual ethernet adapter.
§ If you are running multiple OpenVPN instances out of the same directory, make sure to edit directives which create output files so that multiple instances do not overwrite each other's output files. These directives include log, log-append, status, and ifconfig-pool-persist.
Editing the client configuration files
The sample client configuration file (client.conf on Linux/BSD/Unix or client.ovpn on Windows) mirrors the default directives set in the sample server configuration file.
§ Like the server configuration file, first edit the ca, cert, and key parameters to point to the files you generated in the PKI section above. Note that each client should have its own cert/key pair. Only the ca file is universal across the OpenVPN server and all clients.
§ Next, edit the remote directive to point to the hostname/IP address and port number of the OpenVPN server (if your OpenVPN server will be running on a single-NIC machine behind a firewall/NAT-gateway, use the public IP address of the gateway, and a port number which you have configured the gateway to forward to the OpenVPN server).
§ Finally, ensure that the client configuration file is consistent with the directives used in the server configuration. The major thing to check for is that the dev (tun or tap) and proto (udp or tcp) directives are consistent. Also make sure that comp-lzo and fragment, if used, are present in both client and server config files.
Bu linkten adım adım takip ederseniz çözeceğinizi sanıyorum
teşekkür ederim bakıyorum