![]() ![]() Next, initiate the public key infrastructure with the following command. Save and close the file when you are finished. Set_var EASYRSA_SSL_CONF "$EASYRSA/openssl-easyrsa.cnf" Set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" Set_var EASYRSA_NS_COMMENT "ROSE CERTIFICATE AUTHORITY" Set_var EASYRSA_REQ_EMAIL EASYRSA_REQ_OU "ROSE EASY CA" Set_var EASYRSA_REQ_ORG "ROSE CERTIFICATE AUTHORITY" You can create it with the following command: nano varsĪdd the following lines as per your needs: set_var EASYRSA "$PWD" A vars file is a simple file that Easy-RSA will source for configuration. Next, you will need to create a vars file inside this. Next, you will need to build the Certificate Authority (CA) for OpenVPN.įirst, change the directory to EasyRSA with the following command: cd /etc/openvpn/easy-rsa Next, copy the extracted directory to the OpenVPN directory: cp -r EasyRSA-3.0.8 /etc/openvpn/easy-rsaĪt this point, OpenVPN and EasyRSA is installed in your server. Once the download is completed, extract the downloaded file using the following command: tar -xvzf EasyRSA-3.0.8.tgz You can download the latest version of EasyRSA from the Git repository using the following command: wget It is used to create a root certificate authority, and request and sign certificates for OpenVPN. It allows you to generate multiple types of certificates. Once the OpenVPN package has been installed, you will need to download EasyRSA to your system.ĮasyRSA is a command-line utility to build and manage a PKI CA. You can install it with the following command: apt-get install openvpn -y You can do this by running the following commands: apt-get update -yĪpt-get upgrade -y Step 2: Install OpenVPN and EasyRSAīy default, OpenVPN is included in the Debian default repository. Additionally, replace ‘root’ with the username of the admin account if necessary.īefore starting, you have to make sure that all Debian OS packages installed on the server are up to date. You will need to replace ‘IP_Address’ and ‘Port_number’ with your server’s respective IP address and SSH port number. Step 1: Log in to the Server & Update the Server OS Packagesįirst, log in to your Debian 10 server via SSH as the root user: ssh -p Port_number Access to the root user account (or access to an admin account with root privileges).Debian 10 VPS (we’ll be using our NVMe 2 VPS plan).Step 9: Install and Configure OpenVPN Client.Step 6: Create Client Certificate and Key File.Step 5: Copy All Certificate and Key File.Step 4: Generate Server Certificate and Key Files.Step 3: Build the Certificate Authority.Step 1: Log in to the Server & Update the Server OS Packages.Sla monitor schedule 400 life forever start-time now Type echo protocol ipIcmpEcho 200.244.168.149 interface outside1 Sla monitor schedule 300 life forever start-time now ![]() Type echo protocol ipIcmpEcho 4.2.2.1 interface outside1 Sla monitor schedule 200 life forever start-time now Type echo protocol ipIcmpEcho 200.154.56.80 interface outside2 Sla monitor schedule 100 life forever start-time now Type echo protocol ipIcmpEcho 200.221.2.45 interface outside1 Vpnclient username usr_ezvpn_tunnelspec password ******** ![]() Vpnclient vpngroup TUNNEL_EZVPN_TUNNELSPEC password ******** I want configure a ASA 5505 with software 7.2(4) and license Dual ISPs and when I configure two interfaces with security level 0 in two interfaces and enable vpnclient the follow message appear:ĮRROR: Unable to determine Easy VPN Remote internal and external interfaces: multiple interfaces with the same security levels. ![]()
0 Comments
Leave a Reply. |