operating_systems:raspbian:easygateway_configuration
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
operating_systems:raspbian:easygateway_configuration [2019/06/26 07:11] – maferreira | operating_systems:raspbian:easygateway_configuration [2019/07/09 09:03] – [Setup] maferreira | ||
---|---|---|---|
Line 180: | Line 180: | ||
The CA public certificate / | The CA public certificate / | ||
- | # cp / | + | # cp / |
- | # chown acdsn:acdsn /tmp/ca.crt | + | # chown acdsn:acdsn /tmp/root_ca.crt |
# su acdsn | # su acdsn | ||
- | $ scp -P <port number> /tmp/ca.crt acdsn@localhost:/ | + | $ scp -P <port number> /tmp/root_ca.crt acdsn@localhost:/ |
Move server1 certificate to / | Move server1 certificate to / | ||
- | # mv /tmp/ca.crt / | + | # mv /tmp/root_ca.crt / |
- | # chown root:root / | + | # chown root:root / |
Install easy-rsa and generate a key pair for the openvpn server. | Install easy-rsa and generate a key pair for the openvpn server. | ||
Line 197: | Line 197: | ||
# tar -xvzf EasyRSA-3.0.4.tgz | # tar -xvzf EasyRSA-3.0.4.tgz | ||
# rm EasyRSA-3.0.4.tgz | # rm EasyRSA-3.0.4.tgz | ||
- | # mv EasyRSA-3.0.4/ | + | # mv EasyRSA-3.0.4/ |
+ | # ln -s / | ||
<note warning> | <note warning> | ||
Line 209: | Line 210: | ||
Make sure that **ONLY** **root** can **WRITE** and **READ** the **raspberry pi** and **server1** certificates. | Make sure that **ONLY** **root** can **WRITE** and **READ** the **raspberry pi** and **server1** certificates. | ||
# cd / | # cd / | ||
- | # chmod 660 <port number> | + | # chmod 660 <port number> |
- | # chown root:root <port number> | + | # chown root:root <port number> |
Create the initial dh.pem file. | Create the initial dh.pem file. | ||
Line 235: | Line 236: | ||
# scp -P <port number> / | # scp -P <port number> / | ||
| | ||
- | # mv /tmp/servername.crt / | + | # mv /tmp/<port number>.crt / |
- | # chown root:root / | + | # chown root:root / |
References: | References: | ||
Line 245: | Line 246: | ||
# vim / | # vim / | ||
# systemctl daemon-reload | # systemctl daemon-reload | ||
- | # / | + | # / |
+ | |||
+ | Check if openvpn is running by typing the following: | ||
+ | | ||
<note warning> | <note warning> | ||
- | OpenVPN will look at / | + | OpenVPN will look for / |
</ | </ | ||
# vi / | # vi / | ||
- | ca / | + | ca / |
+ | |||
+ | to | ||
+ | |||
+ | ca / | ||
<note important> | <note important> | ||
- | To have openvpn logs add the following | + | To have openvpn logs add the following to / |
log-append / | log-append / | ||
</ | </ | ||
Line 274: | Line 282: | ||
===== Firewall rules ===== | ===== Firewall rules ===== | ||
References: | References: | ||
- | https:// | + | https:// |
https:// | https:// | ||