OPENVPN ubuntu 12.04 安裝

參考

• http://openvpn.net/index.php/open-source/documentation/howto.html#redirect
• http://ubuntuforums.org/archive/index.php/t-1375001.html
• http://www.gaggl.com/2013/04/openvpn-forward-all-client-traffic-through-tunnel-using-ufw/
• http://wiki.ubuntu.org.cn/index.php?title=UFW%E9%98%B2%E7%81%AB%E5%A2%99%E7%AE%80%E5%8D%95%E8%AE%BE%E7%BD%AE&variant=zh-hant
• http://stephen.rees-carter.net/2012/09/how-to-enable-ip-forwarding-with-ufw/

1. sudo apt-get install openvpn
2. sudo mkdir /etc/openvpn/easy-rsa/
   sudo cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
   sudo chown -R $USER /etc/openvpn/easy-rsa/
3. sudo vi /etc/openvpn/easy-rsa/vars
4. cd /etc/openvpn/easy-rsa/
5. sudo chown -R root:root .
6. sudo chmod g+w .
7. source vars
8. ./clean-all
9. sudo vi /etc/openvpn/easy-rsa/vars
   1. export KEY_CONFIG=$EASY_RSA/openssl-1.0.0.cnf
10. ./build-ca
11. Note that in the above sequence, most queried parameters were defaulted to the values set in the vars or vars.bat files. The only parameter which must be explicitly entered is the Common Name. In the example above, I used "OpenVPN-CA".
12. ./build-key-server server
13. ./build-dh
14. cd keys
15. sudo cp server.crt server.key ca.crt dh2048.pem ../../
16. sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
17. sudo gzip -d /etc/openvpn/server.conf.gz
18. vi  /etc/openvpn/server.conf
19. sudo /etc/init.d/openvpn restart
20. Generate Client keys
    1. ./build-key client1
    2. ./build-key client2
    3. ./build-key client3
21. Download keys
    1. sudo apt-get install apache2
    2. cd /etc/openvpn/easy-rsa/
    3. tar -zpcv -f test.tar.gz keys
    4. mv test.tar.gz /var/www/
    5. Download keys
    6. rm /var/www/test.tar.gz
22. Firewall set
    1. sysctl -w net.ipv4.conf.all.forwarding=1
    2. sysctl -w net.ipv4.ip_forward=1
    3. iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    4. iptables-save
23. Change to UFW(這裡有點問題, 重開機後不行用, 要用上面的iptables才可出去)
1. sudo vim /etc/default/ufw

2. DEFAULT_FORWARD_POLICY="ACCEPT"

3. sudo vim /etc/ufw/sysctl.conf
4. # Uncomment this to allow this host to route packets between interfaces
   1. net/ipv4/ip_forward=1
   2. net/ipv6/conf/default/forwarding=1
   3. net/ipv6/conf/all/forwarding=1
5. ufw disable
6. ufw enable

IPV6設定參考

http://tomsalmon.eu/2013/04/openvpn-ipv6-with-tun-device/

ubuntu中的SAMBA設定

1. sudo apt-get install samba
2. Create a new section at the bottom of the file, or uncomment one of the examples, for the directory to be shared:
   

   [share]
       comment = Ubuntu File Server Share
       path = /srv/samba/share
       browsable = yes
       guest ok = yes
       read only = no
       create mask = 0755
   

3. sudo mkdir -p /srv/samba/share
4. sudo chown nobody.nogroup /srv/samba/share/

   /etc/init.d/smb restart

5. sudo restart smbd

設定ubuntu自動安全性更新

參考http://askubuntu.com/questions/9/how-do-i-enable-automatic-updates

sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades

設定Ubuntu使用PUTTY連線時可以看到中文

參考

http://amon0626.pixnet.net/blog/post/38219047-ubuntu-12.04-server-pietty%E7%84%A1%E6%B3%95%E6%AD%A3%E5%B8%B8%E9%A1%AF%E7%A4%BA%E4%B8%AD%E6%96%87

1. ~$ sudo vim /var/lib/locales/supported.d/local

加入

zh_TW.UTF-8 UTF-8  

2.更新語系檔案

~$ sudo locale-gen

 

3. ~$ sudo vim /etc/default/locale

請確定檔案內容如下(特別是紅字的地方)：

LANG="zh_TW.UTF-8"
LANGUAGE="zh_TW:zh"
LC_NUMERIC="zh_TW"
LC_TIME="zh_TW.UTF-8"
LC_MONETARY="zh_TW"
LC_PAPER="zh_TW"
LC_NAME="zh_TW"
LC_ADDRESS="zh_TW"
LC_TELEPHONE="zh_TW"
LC_MEASUREMENT="zh_TW"
LC_IDENTIFICATION="zh_TW"
之後使用pietty登入後，中文輸入與顯示就正常了

Putty要開UTF_8

OpenVPN Windows安裝步驟

參考資料

http://www.dotblogs.com.tw/remhom/archive/2012/03/13/70717.aspx

http://j796160836.pixnet.net/blog/post/25271623-%5B%E6%95%99%E5%AD%B8%5D-open-vpn-for-windows-%E7%92%B0%E5%A2%83%E8%A8%AD%E5%AE%9A%E6%95%B4%E7%90%86

https://help.ubuntu.com/10.04/serverguide/openvpn.html

1. 裝open vpn
2. 裝openssl
3. 下載easy-rsa
4. We should probably copy in the easy-rsa/2.0/openssl.cnf into the Windows package when wrapping it all together.
5. Run the GUI as Administrator once. It will be able to create the keys then.
6. 遇到All TAP-Win32 adapters on this system are currently in use.
   1. 到網路介面卡重新啟動Tap-Win32

要用管理者權限開程式

Server防火牆要全開, 才能互相ping

windows 7好像沒辦法做port forwarding

所以宣告失敗，改用LINUX安裝

組電腦

Intel Core i5 3470, 5700
技嘉 B75M-D3H, 2590

威剛 DDR3 8G-1600, 1600

機殻 CoolMaster RC-372, 1350

華碩 P8H77-M LE/M-ATX/1A1D1H/前置19Pin U3 $2990

技嘉 Gigabyte    GV-R785OC-1GD                   HD7850, 4900

VGA    (顯示卡)：撼訊 PowerColor  AX7750 1GBD5-DHE        HD7750,
                 撼訊 PowerColor  AX7770 1GBD5-HE         HD7770,
                 微星 MSI         N650Ti-1GD5V1           GTX650Ti, 3990

VGA    (顯示卡)：影馳 Galaxy      GTX660                          GTX660, 6490
                 技嘉 Gigabyte    GV-R785OC-1GD                   HD7850, 4900
                 微星 MSI         R7870-2GD5T                     HD7870, 6800

原先是買技嘉 Gigabyte    GV-R785OC-1GD                   HD7850, 4900

最後顯卡換成撼訊 AX7870 Myst 2GBD5-2DHPPV3E/2G DDR5/ 7490