notes: freebsd/openvpn@d65b324282f0 (annotated)

23 22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	1	http://www.freebsddiary.org/openvpn.php
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	2	The solution here is rather simplistic. It allows for a single client to
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	3	connect to a single server. You cannot do multiple clients with this setup.
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	4
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	5
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	6	http://www.freebsddiary.org/openvpn-easy-rsa.php
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	7	The FreeBSD Port for OpenVPN installs "a small RSA key management package based
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	8	on the openssl command line tool". This package is provided by the OpenVPN
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	9	project and can be found at /usr/local/share/doc/openvpn/easy-rsa/.
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	10
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	11
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	12	http://www.freebsddiary.org/openvpn-routed.php
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	13	In this article, I will show you how I created a routed VPN using OpenVPN. In
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	14	this network, multiple clients can attach to the server, each of which has
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	15	access to the network attached to the server. Each client can also contact any
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	16	other client, subject to firewall rules.
22f8dfb6833e freebsd/openvpn Tomas Zeman <tzeman@volny.cz> parents: diff changeset	17
32 f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	18	Revoke/Unrevoke a client certificate in OpenVPN
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	19	http://blog.abhijeetr.com/2012/06/revokeunrevoke-client-certificate-in.html
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	20
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	21	cname is the one which you want to disable:
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	22	./revoke-all cname
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	23
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	24	edit the server.conf & add the following line:
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	25	crl-verify crl.pem
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	26
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	27	ovpnCNcheck — an OpenVPN tls-verify script
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	28	http://robert.penz.name/21/ovpncncheck-an-openvpn-tls-verify-script/
f61233ece253 openvpn: tls-verify Tomas Zeman <tzeman@volny.cz> parents: 23 diff changeset	29	http://robert.penz.name/wp-content/uploads/2008/01/ovpncncheck.sh

author	Tomas Zeman <tzeman@volny.cz>
	Thu, 14 Nov 2013 09:25:21 +0100
changeset 36	d65b324282f0
parent 32	f61233ece253
permissions	-rw-r--r--