{"id":4553,"date":"2014-10-23T01:25:35","date_gmt":"2014-10-22T16:25:35","guid":{"rendered":"http:\/\/www.vincentina.net\/?p=4553"},"modified":"2014-10-23T01:25:35","modified_gmt":"2014-10-22T16:25:35","slug":"lpic303-openvpn-03","status":"publish","type":"post","link":"https:\/\/www.vincentina.net\/?p=4553","title":{"rendered":"lpic303 openvpn 03"},"content":{"rendered":"<p class=\"entry-title\"><a href=\"http:\/\/www.vincentina.net\/?p=4548\" rel=\"bookmark\">lpic303 openvpn 02<\/a><\/p>\n<p class=\"entry-title\"><a href=\"http:\/\/www.vincentina.net\/?p=4544\" rel=\"bookmark\">lpic303 openvpn 01<\/a><\/p>\n<p>\u524d\u56de\u30b5\u30fc\u30d0\u30fc\u5074\u306e\u8a2d\u5b9a\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u305f\u306e\u3067\u3001\u4eca\u56de\u306f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u306e\u8a2d\u5b9a\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u3088\u3046\u3068\u601d\u3044\u307e\u3059\u3002\u4ee5\u524d\u5229\u7528\u3057\u3066\u3044\u305f\u30bd\u30d5\u30c8\u306f\u3001WindowsGui for OpenVPN\u3068\u3044\u3046Windows\u7528\u306eOpenVPN\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u30bd\u30d5\u30c8\u3067\u3059\u3002<\/p>\n<p>\u666e\u901a\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3068C:program Files\\OpenVPN\\config\u30d5\u30a9\u30eb\u30c0\u306bclient.ovpn\u3068\u3044\u3046\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3068\u3001\u8a8d\u8a3c\u95a2\u9023\u306e\u9375\u3068\u8a3c\u660e\u66f8\u3092\u8a2d\u7f6e\u3059\u308b\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>\u307e\u305aOpenVPN\u3067\u5229\u7528\u3067\u304d\u308b\u8a8d\u8a3c\u3067\u3059\u304c<\/p>\n<ul style=\"list-style-type: circle;\">\n<li>\u4e8b\u524d\u5171\u6709\u79d8\u5bc6\u9375\u3000static key<\/li>\n<li>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\/\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306eSSL\/TLS<\/li>\n<\/ul>\n<p>\u306e\u5229\u7528\u304c\u53ef\u80fd\u3067\u3059\u3002<\/p>\n<p>\u3067\u306f\u3001\u524d\u56de\u3068\u540c\u3058\u3088\u3046\u306b\u30c6\u30ad\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u898b\u3066\u304d\u307e\u3059\u3002\u30b5\u30fc\u30d0\u30fc\u5074\u306eserver.conf\u3068\u3060\u3044\u305f\u3044\u540c\u3058\u3088\u3046\u306a\u611f\u3058\u3067\u3059\u3002<\/p>\n<pre>client<\/pre>\n<p>TLS\u8a8d\u8a3c\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\u3002<\/p>\n<pre>tls-auth ta.key 1<\/pre>\n<p>\u30c8\u30f3\u30cd\u30ea\u30f3\u30b0\u306e\u30c7\u30d0\u30a4\u30b9\u3092\u9078\u629e\u3002tun\u306fL3\u3067\u3057\u305f\u306d\u3002<\/p>\n<pre>dev tun<\/pre>\n<p>\u30d7\u30ed\u30c8\u30b3\u30eb\u306f\u30b5\u30fc\u30d0\u30fc\u3068\u5408\u308f\u305b\u3066UDP\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<pre>proto udp<\/pre>\n<p>\u30b5\u30fc\u30d0\u30fc\u306eIP\u30a2\u30c9\u30ec\u30b9\u3068\u30dd\u30fc\u30c8\u756a\u53f7\u3067\u3059\u3002<\/p>\n<pre>remote ***.***.***.*** 1194<\/pre>\n<p>\u8a3c\u660e\u66f8\u95a2\u9023\u3067\u3059\u3002\u30b5\u30fc\u30d0\u30fc\u306e\u3082\u306e\u3068\u5408\u308f\u305b\u307e\u3057\u3087\u3046\u3002<\/p>\n<pre>ca ca.crt\r\ncert client1.crt\r\nkey client1.key<\/pre>\n<p>\u540d\u524d\u89e3\u6c7a\u306b\u5931\u6557\u3057\u305f\u3089\u30fb\u30fb\u30fb\u3067\u3059\u304c\u3001infinite\u306f\u6c38\u9060\u306b\u7d9a\u3051\u307e\u3059\u3002<\/p>\n<pre>resolv-retry infinite<\/pre>\n<p>\u30d1\u30b1\u30c3\u30c8\u3092\u76f8\u624b\u5074\u306b\u9001\u308b\u3068\u304d\u306b\u4f7f\u7528\u3059\u308b\u30dd\u30fc\u30c8\u3092<wbr \/>\u660e\u793a\u7684\u306b\u30d0\u30a4\u30f3\u30c9\u305b<br \/>\n\u305a\u3001\u52d5\u7684\u306b\u5272\u308a\u5f53\u3066\u307e\u3059\u3002<wbr \/><\/p>\n<pre>nobind<\/pre>\n<p>\u30b5\u30fc\u30d0\u30fc\u5074\u306b\u3082\u3042\u308a\u307e\u3057\u305f\u304c\u3001\u518d\u8d77\u52d5\u6642\u306e\u70ba\u306b\u8a18\u61b6\u3057\u3066\u304a\u304f\u3068\u3044\u3046\u8a2d\u5b9a\u3067\u3059\u3002<\/p>\n<pre>persist-key\r\npersist-tun<\/pre>\n<p>LZO\u5727\u7e2e\u3092\u5229\u7528\u3059\u308b\u3002\u30b5\u30fc\u30d0\u30fc\u5074\u3082\u540c\u3058\u8a2d\u5b9a\u3067\u3059\u3002<\/p>\n<pre>comp-lzo<\/pre>\n<p>\u30ed\u30b0\u306e\u30ec\u30d9\u30eb\u3067\u3059\u3002\u30b5\u30fc\u30d0\u30fc\u5074\u3082\u540c\u3058\u8a2d\u5b9a\u3067\u3059\u3002<\/p>\n<pre>verb 3<\/pre>\n<p>\u3053\u3046\u3057\u3066\u307f\u308b\u3068\u307b\u3068\u3093\u3069\u304c\u30b5\u30fc\u30d0\u30fc\u5074\u3068\u540c\u3058\u3067\u3057\u305f\u306d\u3002\u30b5\u30fc\u30d0\u30fc\u5074\u3068\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u3067\u9055\u3046\u3068\u3053\u308d\u3068\u8a00\u3046\u3068\u3001\u63a5\u7d9a\u3067\u304d\u305f\u6642\u306b\u3069\u3046\u52d5\u304f\u304b\u3068\u3044\u3046\u3082\u306e\u3068\u63a5\u7d9a\u3067\u304d\u306a\u304b\u3063\u305f\u6642\u306b\u3069\u3046\u52d5\u304f\u304b\u306e\u90e8\u5206\u304c\u9055\u3046\u3060\u3051\u3067\u3042\u3068\u306f\u3060\u3044\u305f\u3044\u540c\u3058\u3067\u3059\u306d\u3002<\/p>\n<p>\u5f8c\u306fOpenVPN\u30b5\u30fc\u30d0\u30fc\u5074\u3067\u305f\u3068\u3048\u3070\u30d5\u30a1\u30a4\u30eb\u306b\u30a2\u30af\u30bb\u30b9\u3057\u305f\u308a\u3001\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u306b\u30a2\u30af\u30bb\u30b9\u3057\u305f\u308a\u3068\u3044\u3046\u4e8b\u306b\u306a\u308b\u3068\u8ee2\u9001\u306e\u8a2d\u5b9a\u304c\u5fc5\u8981\u306b\u306a\u308a\u3001\/proc\/sys\u3067\u30d1\u30e9\u30e1\u30fc\u30bf\u5909\u66f4\u3084FW\u306e\u8ee2\u9001\u8a2d\u5b9a\u3084\u30dd\u30fc\u30c8\u306e\u8a2d\u5b9a\u304c\u307e\u305f\u5fc5\u8981\u306b\u306a\u308b\u4e8b\u3067\u3057\u3087\u3046\u3002<\/p>\n<p>\u7d30\u304b\u3044\u3068\u3053\u306f\u4eca\u56de\u306f\u3084\u308a\u307e\u305b\u3093\u3002<\/p>\n<p>\u3053\u3093\u306a\u3068\u3053\u308d\u304b\u306a\u3041\u300203\u306f\u5c11\u306a\u3044\u3067\u3059\u304c\u3053\u308c\u3067\u7d42\u308f\u308a\u307e\u3059\u3002<\/p>\n<p>\u6700\u5f8c\u306b\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3092\u6b8b\u3057\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n<p>\u30b5\u30fc\u30d0\u30fc<\/p>\n<pre>\/etc\/openvpn\/server.conf<\/pre>\n<pre>port 1194\r\nproto udp\r\ndev tun\r\nca ca.crt\r\ncert server.crt\r\nkey server.key\u00a0 # This file should be kept secret\r\ndh dh1024.pem\r\nserver 192.168.2.0 255.255.255.0\r\nifconfig-pool-persist ipp.txt\r\nkeepalive 10 120\r\ntls-auth ta.key 0 # This file is secret\r\ncomp-lzo\r\nmax-clients 2\r\nuser nobody\r\ngroup nobody\r\npersist-key\r\npersist-tun\r\nstatus openvpn-status.log\r\nlog-append \/var\/log\/openvpn.log\r\nverb 3\r\npush \"redirect-gateway def1\"\r\npush \"dhcp-option DNS 8.8.8.8\"\r\npush \"dhcp-option DNS 8.8.4.4\"\r\nduplicate-cn<\/pre>\n<p>\u30af\u30e9\u30a4\u30a2\u30f3\u30c8<\/p>\n<pre>client\r\ntls-auth ta.key 1\r\ndev tun\r\nproto udp\r\nremote \u30b5\u30fc\u30d0\u30fcIP 1194\r\nca ca.crt\r\ncert client1.crt\r\nkey client1.key\r\nresolv-retry infinite\r\nnobind\r\npersist-key\r\npersist-tun\r\ncomp-lzo\r\nverb 3<\/pre>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<div class='wp_social_bookmarking_light'>        <div class=\"wsbl_twitter\"><a href=\"https:\/\/twitter.com\/share\" class=\"twitter-share-button\" data-url=\"https:\/\/www.vincentina.net\/?p=4553\" data-text=\"lpic303 openvpn 03\" data-via=\"TakekenTw\" data-lang=\"ja\">Tweet<\/a><\/div><\/div>\n<br class='wp_social_bookmarking_light_clear' \/>\n","protected":false},"excerpt":{"rendered":"<p>lpic303 openvpn 02 lpic303 openvpn 01 \u524d\u56de\u30b5\u30fc\u30d0\u30fc\u5074\u306e\u8a2d\u5b9a\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u305f\u306e\u3067\u3001\u4eca\u56de\u306f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u306e\u8a2d\u5b9a\u5185\u5bb9\u3092\u78ba\u8a8d\u3057\u3088\u3046\u3068\u601d\u3044\u307e\u3059\u3002\u4ee5\u524d\u5229\u7528\u3057\u3066\u3044\u305f\u30bd\u30d5\u30c8\u306f\u3001WindowsGui f &hellip; <a href=\"https:\/\/www.vincentina.net\/?p=4553\" class=\"more-link\"><span class=\"screen-reader-text\">&#8220;lpic303 openvpn 03&#8221; \u306e<\/span>\u7d9a\u304d\u3092\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-4553","post","type-post","status-publish","format-standard","hentry","category-server"],"_links":{"self":[{"href":"https:\/\/www.vincentina.net\/index.php?rest_route=\/wp\/v2\/posts\/4553","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.vincentina.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.vincentina.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.vincentina.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.vincentina.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4553"}],"version-history":[{"count":0,"href":"https:\/\/www.vincentina.net\/index.php?rest_route=\/wp\/v2\/posts\/4553\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.vincentina.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4553"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.vincentina.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4553"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.vincentina.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4553"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}