Table of content

What is it about

The following text describes how to set up an Virtual Private Network (VPN) using the kernel-space program openvpn. It claims to be the superior approach compared to IPSec (read more).

The LinkSys OpenWRT router can be easily turned into a linux device - e.g. by using the distribution White Russian. This also contains some packages to ease the setup of a openvpn server or client.

This article focuses on the required packages and the necessary steps for creating certificates and setting up connections.


Preparation

  1. install a linux based distribution (e.g. white russian)

  2. take care, that you have around 1MB free space available
  3. run

    ipkg install openvpn
    ipkg install openvpn-easy-rsa

Basic configuration

Prepare certificate database

Now the key directory (/etc/easy-rsa/keys) is filled with the database of your new shiny certificate authority and the key of the openvpn server.

Create client certificates

On the openWRT run the following for each client:

./build-key CLIENTNAME

Beware, that the Common Name (CN) of all these certificates _must_ be different - otherwise they can never be in this VPN at the same time.

Copy the resulting certificate and key files from /etc/easy-rsa/ the client.

Client configuration

Network routing

VPNOpenWRT (zuletzt geändert am 2012-06-13 21:26:24 durch anonym)


Creative Commons Lizenzvertrag
This page is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.