Debugging stuff (may useful for troubleshooting) In /etc/stunnel/nf # create if file doesn't exist $ cat server.key > server.pem & cat server.crt > server.pem $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt $ openssl req -new -key server.key -out server.csr In your stunnel directory, sometimes at /etc/stunnel/ $ openssl genrsa -out server.key 4096 You can run this on the same server as your OpenVPN. In the FreeRADIUS server: $ vim /etc/raddb/nf Hit “Update Running Server” Hook FreeRADIUS and OpenVPN Add OpenVPN server into FreeRADIUS records Select “Radius” and “update running server” Authentication > RadiusĪdd server ip of FreeRADIUS server and shared_secret (hint: “testing123” which
Stunnel authentication password#
Change OpenVPN password $ passwd openvpnĪccess and login with your username/password Under Authentication > General To reconfigure manually, use the /usr/local/openvpn_as/bin/ovpn-init tool. Please enter “passwd openvpn” to set the initialĪdministrative password, then login as “openvpn” to continue The Access Server has been successfully installed in /usr/local/openvpn_asĬonfiguration log file has been written to /usr/local/openvpn_as/init.log Lets check radius! $ service radiusd start Secret = testing123 # into something more awesome # /etc/raddb/sites-available/inner-tunnelĬhange freeradius secret # /etc/raddb/nf # Database table configuration for everything except Oracleĭo the magical uncomments # /etc/raddb/sites-available/default Mysql> INSERT INTO radcheck (username, attribute, op, value) VALUES ('chantra','Cleartext-Password',':=','chantrapass') Ĭreate /etc/raddb/sql.conf # Connection info: _Create your first vpn user _ mysql> use radius Mysql> SOURCE /etc/raddb/sql/mysql/schema.sql Mysql> GRANT ALL ON radius.* TO IDENTIFIED BY "radpass" Login to MySQL as root and create databases $ mysql -uroot -p
Stunnel authentication install#
Setup FreeRADIUS Install Freeradius Centos $ yum install freeradius freeradius-mysql With all these setup, you’re one step closer to start providing VPN services. This article will serve to setup FreeRADIUS as the authentication mechanism, OpenVPN as the VPN protocol and stunnel as an introduction to obfuscating censorship. I hope this might give you a little peek. If you’re ever curious as to how do VPN service providers manage all their usersĪnd their authentication.
0 kommentar(er)
