./configure –prefix=/usr/local/openvpn –with-lzo-headers=/usr/local/include/lzo
–with-lzo-lib=/usr/local/lib –with-ssl-headers=/usr/include/openssl –with-ssl-lib=/usr/lib (需要几分钟的等待) make make install
11、生成openvpn的key等相关文件
拷贝生成key的文件[root@linux85 openvpn-2.1.4]# cp -rf ./easy-rsa/ /usr/local/openvpn/ [root@linux85 openvpn-2.1.4]# cd /usr/local/openvpn/easy-rsa/2.0 vim vars
修改底部的如下内容,并保存
export KEY_COUNTRY=”CN” export KEY_PROVINCE=”AH” export KEY_CITY=”HF” export KEY_ORG=”Lighten” export KEY_EMAIL=”306981145@qq.com” [root@linux85 2.0]# source ./vars ./clean-all ./build-ca
./build-key-server server ./build-dh cd keys
/usr/local/openvpn/sbin/openvpn –genkey –secret ta.key cd /usr/local/openvpn mkdir ssl
cp -a ./easy-rsa/2.0/keys/ca.crt ./ssl/ cp -a ./easy-rsa/2.0/keys/dh1024.pem ./ssl/
cp -a ./easy-rsa/2.0/keys/ta.key ./ssl/ cp -a ./easy-rsa/2.0/keys/server.crt ./ssl/ cp -a ./easy-rsa/2.0/keys/server.key ./ssl/ 12、openvpn的配置 拷贝server.conf文件
[root@linux85 openvpn]# cp /openvpn-2.1.4/sample-config-files/server.conf /usr/local/openvpn/
vim /usr/local/openvpn/server.conf,请参考附件中的server.conf文件进行配置 创建两个文件夹
mkdir /usr/local/openvpn/ccd mkdir /usr/local/var/log/openvpn 配置启动文件
[root@linux85 openvpn]# cp /openvpn-2.1.4/sample-scripts/openvpn.init /etc/init.d/ [root@linux85 openvpn]# ln -s /usr/local/openvpn/sbin/openvpn /usr/sbin/openvpn vi /etc/init.d/openvpn.init 修改:work=/usr/local/openvpn 启动openvpn
/etc/init.d/openvpn.init start
这个时候要看一下 ifconfig 有没有 tun0设备,如果有的话,openvpn启动成功 13、安装配置radiusplugin
[root@linux85 /]# tar -zxvf radiusplugin_v2.1a_beta1.tar.gz cd radiusplugin_v2.1a_beta1 make
[root@linux85 radiusplugin_v2.1a_beta1]# cp radiusplugin.so /usr/local/openvpn/ [root@linux85 radiusplugin_v2.1a_beta1]# cp radiusplugin.cnf /usr/local/openvpn/ vim /usr/local/openvpn/radiusplugin.cnf
第22行处修改openvpn的server.conf文件位置 OpenVPNConfig=/usr/local/openvpn/server.conf 第74行处修改name为本机地址 name=127.0.0.1 第80行处修改sharedsecret sharedsecret=testing123 14、安装配置Daloradius
Daloradius是管理freeradius的web管理界面 [root@linux85 /]# tar -zxvf daloradius-0.9-8.tar.gz mkdir /opt/lampp/htdocs/radius
[root@linux85 /]# cp -rf daloradius-0.9-8/* /opt/lampp/htdocs/radius/ [root@linux85 /]# vim /opt/lampp/htdocs/radius/library/daloradius.conf.php 配置如下
$configValues['DALORADIUS_VERSION'] = ?0.9-8′; $configValues['FREERADIUS_VERSION'] = ?1′; $configValues['CONFIG_DB_ENGINE'] = ?mysql?; $configValues['FREERADIUS_VERSION'] = ?1′; $configValues['CONFIG_DB_ENGINE'] = ?mysql?; $configValues['CONFIG_DB_HOST'] = ?127.0.0.1′; $configValues['CONFIG_DB_USER'] = ?root?; $configValues['CONFIG_DB_PASS'] = ?123′; 导入daloradius数据库
[root@linux85 /]# /opt/lampp/bin/mysql -uroot -p123 radius < /opt/lampp/htdocs/radius/contrib/db/mysql-daloradius.sql
创建log文件
touch /tmp/daloradius.log 更改freeradius的log文件位置
[root@linux85 tmp]# vim /opt/lampp/htdocs/radius/library/exten-radius_log.php 修改$logfile_loc1 = ?/usr/local/var/log/radius/radius.log?; 如何使用 1、使用浏览器登录到daloradius,地址为http://192.168.0.85/radius, 默认用户名administrator,默认密码为radius
2、新建一个用户,用户名admin,密码admin
3、从centos中拷贝ca.key ca.crt ta.key三个文件,并配置client.ovpn,client.ovpn文件可从附件中下载,需要配置的地方remote XX.XX.XX.XX 1194
4、从官方下载openvpn客户端并安装,把上述四个文件拷贝到D:\\Program Files\\OpenVPN\\config文件夹中 5、按照如上配置之后即可连接vpn
6、如果有什么错误可查看usr/local/var/log/openvpn/openvpn.log 和 usr/local/var/log/radius/radius.log 和/tmp/daloradius.log