Openvpn: Difference between revisions
From DWIKI
m (→FAQ) |
|||
| Line 8: | Line 8: | ||
https://community.openvpn.net/openvpn/wiki/EasyRSA3-OpenVPN-Howto | https://community.openvpn.net/openvpn/wiki/EasyRSA3-OpenVPN-Howto | ||
===Revoke certificate=== | ===Revoke certificate=== | ||
https://openvpn.net/community-resources/revoking-certificates/ | |||
./easyrsa revoke someclient | ./easyrsa revoke someclient | ||
./easyrsa gen-crl | ./easyrsa gen-crl | ||
| Line 14: | Line 16: | ||
Check the serials numbers of the revoke certs | Check the serials numbers of the revoke certs | ||
grep ^R pki/index.txt | grep ^R pki/index.txt | ||
==Push DNS to linux clients== | ==Push DNS to linux clients== | ||
Revision as of 09:04, 5 September 2023
HOWTO
Using easyrsa
https://community.openvpn.net/openvpn/wiki/EasyRSA3-OpenVPN-Howto
Revoke certificate
https://openvpn.net/community-resources/revoking-certificates/
./easyrsa revoke someclient ./easyrsa gen-crl
Check crl
openssl crl -in -text pki/crl.pem
Check the serials numbers of the revoke certs
grep ^R pki/index.txt
Push DNS to linux clients
http://blog.milford.io/2011/02/setting-up-an-openvpn-client-for-ubuntudebianmint-cli-edition/
echo "up /etc/openvpn/update-resolv-conf" >> ~/client/client.conf echo "down /etc/openvpn/update-resolv-conf" >> ~/client/client.conf
Openvpn and systemd
https://ubuntu.com/server/docs/service-openvpn
FAQ
NOTE: FlushIpNetTable failed on interface
This happens on windows, ignore it.
TLS Error: local/remote TLS keys are out of sync
First give it some time
WARNING: 'link-mtu' is used inconsistently
?
VERIFY ERROR: depth=0, error=CRL has expired
easyrsa gen-crl
and copy that to /etc/openvpn
