![\"\"](\"https:\/\/artem.services\/wp-content\/uploads\/2018\/10\/OpenVPN.png\")
<\/p>\n<\/p>\n
\u041f\u0443\u0441\u0442\u0438\u0442\u044c \u0447\u0435\u0440\u0435\u0437 VPN \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043f\u0430\u0434\u0430\u044e\u0442 \u043f\u043e\u0434 \u0437\u0430\u043f\u0440\u0435\u0442, \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u0434\u0442\u0438 "\u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e". \u0422\u0430\u043a \u0436\u0435 \u0432\u0430\u0436\u043d\u043e \u0443\u0434\u043e\u0431\u0441\u0442\u0432\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0441\u0442\u044c, \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c.<\/p>\n
\u0412\u0441\u0435 \u0448\u0430\u0433\u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u044b \u043d\u0430 CentOS 7<\/strong>.<\/p>\n \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 EPEL<\/strong>, \u0435\u0441\u043b\u0438 \u0435\u0433\u043e \u0435\u0449\u0435 \u043d\u0435\u0442 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u043d\u0443\u0436\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b:<\/p>\n \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438:<\/p>\n <\/p>\n \u0418 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u0432 \u043d\u0435\u0433\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0435:<\/p>\n \u0414\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0432\u0435\u0441\u044c \u043d\u0430\u0448 \u0442\u0440\u0430\u0444\u0444\u0438\u043a \u0445\u043e\u0434\u0438\u043b \u0447\u0435\u0440\u0435\u0437 VPN, \u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0441\u0435\u0442\u0438, \u0441\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430:<\/p>\n \u0418 \u0441\u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u0432 \u043d\u0435\u0433\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0435:<\/p>\n \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u043f\u0430\u043f\u043a\u0443 \u0434\u043b\u044f \u043a\u043b\u044e\u0447\u0435\u0439 \u0438 \u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u043d\u0443\u0436\u043d\u044b\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438\u0445:<\/p>\n \u0414\u043b\u044f \u0443\u0434\u043e\u0431\u0441\u0442\u0432\u0430 \u043c\u043e\u0436\u0435\u043c \u0441\u0440\u0430\u0437\u0443 \u0432 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043d\u0443\u0436\u043d\u0443\u044e \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0435\u0439, \u0434\u0430\u0431\u044b \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c \u0435\u0435 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u043d\u0435 \u0432\u0432\u043e\u0434\u0438\u0442\u044c:<\/p>\n \u0418 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u043c \u0435\u0433\u043e \u043a \u0442\u0430\u043a\u043e\u043c\u0443 \u0432\u0438\u0434\u0443:<\/p>\n \u041a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e OpenSSL<\/strong>:<\/p>\n \u041f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u043c \u0432 \u043f\u0430\u043f\u043a\u0443 \u0441\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0435\u0439, \u0438 \u043e\u0447\u0438\u0449\u0430\u0435\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0435\u0435 \u0434\u043b\u044f \u043d\u0430\u0448\u0438\u0445 \u0431\u0443\u0434\u0443\u0449\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0439:<\/p>\n \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442:<\/p>\n \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u043a\u043b\u044e\u0447 \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442:<\/p>\n \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c Diffie-Hellman<\/strong> \u043a\u043b\u044e\u0447:<\/p>\n \u041f\u0435\u0440\u0435\u0439\u0434\u0435\u043c \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0441 \u043a\u043b\u044e\u0447\u0430\u043c\u0438 \u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u044b \u0441\u043e\u0437\u0434\u0430\u043b\u0438:<\/p>\n \u0418 \u0441\u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u043d\u0443\u0436\u043d\u044b\u0435 \u043d\u0430\u043c \u0444\u0430\u0439\u043b\u044b \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 OpenVPN<\/strong>'a:<\/p>\n <\/p>\n \u0412\u0430\u0436\u043d\u043e \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0441\u043b\u0435 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443 \u044d\u0442\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0441\u044c \u043f\u0440\u0430\u0432\u0430<\/p><\/blockquote>\n <\/p>\n \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0438 \u043a\u043b\u044e\u0447 \u0434\u043b\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430:<\/p>\n \u0414\u0430\u043b\u044c\u0448\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0434\u043b\u044f iptables<\/strong>, \u0435\u0441\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f firewalld<\/strong> \u0442\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:<\/p>\n <\/p>\n \u041e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430, \u0432 \u043c\u043e\u0435\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u0442\u043e eth0<\/p><\/blockquote>\n \u0412 \u0444\u0430\u0439\u043b\u0435 \"\/etc\/sysctl.conf<\/strong>\" \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u043c \u0444\u043e\u0440\u0432\u0430\u0440\u0434\u0438\u043d\u0433 \u043f\u0430\u043a\u0435\u0442\u043e\u0432:<\/p>\n \u0418 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0441\u043b\u0443\u0436\u0431\u0443 \u0441\u0435\u0442\u0438:<\/p>\n \u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0441\u043b\u0443\u0436\u0431\u0443 OpenVPN<\/strong> \u0432 \u0430\u0432\u0442\u043e\u0437\u0430\u043f\u0443\u0441\u043a \u0438 \u0441\u0442\u0430\u0440\u0442\u0443\u0435\u043c \u0435\u0435:<\/p>\n \u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443, \u0441\u0440\u0430\u0437\u0443 \u0432\u0441\u0442\u0430\u0432\u0438\u0432 \u043d\u0443\u0436\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b:<\/p>\n \u0418 \u0441\u043a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u0432 \u043d\u0435\u0433\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0435:<\/p>\n \u0414\u0430\u043b\u044c\u0448\u0435 \u044d\u0442\u043e\u0442 \u0444\u0430\u0439\u043b \u043c\u043e\u0436\u043d\u043e \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443.<\/p>\n","protected":false},"excerpt":{"rendered":" \u0426\u0435\u043b\u044c: \u041f\u0443\u0441\u0442\u0438\u0442\u044c \u0447\u0435\u0440\u0435\u0437 VPN \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043f\u0430\u0434\u0430\u044e\u0442 \u043f\u043e\u0434 \u0437\u0430\u043f\u0440\u0435\u0442, \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u0434\u0442\u0438 "\u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e". \u0422\u0430\u043a \u0436\u0435 \u0432\u0430\u0436\u043d\u043e \u0443\u0434\u043e\u0431\u0441\u0442\u0432\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0441\u0442\u044c, \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c. \u0412\u0441\u0435 \u0448\u0430\u0433\u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u044b \u043d\u0430 CentOS 7. \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 EPEL, \u0435\u0441\u043b\u0438 \u0435\u0433\u043e \u0435\u0449\u0435 \u043d\u0435\u0442 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u043d\u0443\u0436\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b: \u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[42],"tags":[5,12],"_links":{"self":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/89"}],"collection":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=89"}],"version-history":[{"count":13,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/89\/revisions"}],"predecessor-version":[{"id":1762,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/89\/revisions\/1762"}],"wp:attachment":[{"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=89"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=89"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=89"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\r\nyum install epel-release -y\r\nyum install openvpn easy-rsa -y\r\n<\/pre>\n
\r\nvim \/etc\/openvpn\/server.conf\r\n<\/pre>\n
\r\nlocal CHANGE_THIS_ON_YOUR_PUBLIC_IP\r\nport 1194\r\n\r\nproto udp\r\ndev-type tun\r\ndev tun\r\n\r\nca ca.crt\r\ncert server.crt\r\nkey server.key\r\n\r\ndh dh2048.pem\r\n\r\ntopology subnet\r\nserver 10.8.0.0 255.255.255.0\r\n\r\ntxqueuelen 250\r\nkeepalive 300 900\r\n\r\ncipher AES-128-CBC\r\nncp-ciphers AES-128-GCM\r\n\r\nuser nobody\r\ngroup nobody\r\n\r\nduplicate-cn\r\n\r\npersist-key\r\npersist-tun\r\n\r\nstatus openvpn-status.log\r\n\r\nclient-config-dir ccd\r\n<\/pre>\n
\r\nmkdir \/etc\/openvpn\/ccd\r\nvim \/etc\/openvpn\/ccd\/DEFAULT\r\n<\/pre>\n
\r\npush "dhcp-option DNS 8.8.8.8"\r\npush "route 8.8.8.8"\r\n\r\npush "dhcp-option DNS 74.82.42.42" # HE.net DNS\r\npush "route 74.82.42.42" # Route to HE.net DNS\r\n\r\n# Persist TUN\r\npush "persist-tun"\r\n\r\n# Routes\r\n\r\n# Yandex network\r\npush "route 5.45.192.0 255.255.192.0"\r\npush "route 5.255.192.0 255.255.192.0"\r\npush "route 37.9.64.0 255.255.192.0"\r\npush "route 37.140.128.0 255.255.192.0"\r\npush "route 77.75.152.0 255.255.248.0"\r\npush "route 77.88.0.0 255.255.192.0"\r\npush "route 84.201.128.0 255.255.192.0"\r\npush "route 87.250.224.0 255.255.224.0"\r\npush "route 93.158.128.0 255.255.192.0"\r\npush "route 95.108.128.0 255.255.128.0"\r\npush "route 100.43.64.0 255.255.224.0"\r\npush "route 109.235.160.0 255.255.248.0"\r\npush "route 130.193.32.0 255.255.224.0"\r\npush "route 141.8.128.0 255.255.192.0"\r\npush "route 178.154.128.0 255.255.128.0"\r\npush "route 185.32.185.0 255.255.255.0"\r\npush "route 185.32.186.0 255.255.255.0"\r\npush "route 185.71.76.0 255.255.252.0"\r\npush "route 199.21.96.0 255.255.252.0"\r\npush "route 199.36.240.0 255.255.252.0"\r\npush "route 213.180.192.0 255.255.224.0"\r\n\r\npush "route-ipv6 2001:678:384::\/48"\r\npush "route-ipv6 2620:10f:d000::\/44"\r\npush "route-ipv6 2a02:6b8::\/32"\r\npush "route-ipv6 2a02:5180::\/32"\r\n\r\n# Mail.ru network\r\npush "route 5.61.16.0 255.255.248.0"\r\npush "route 5.61.232.0 255.255.248.0"\r\npush "route 79.137.157.0 255.255.255.0"\r\npush "route 79.137.183.0 255.255.255.0"\r\npush "route 94.100.176.0 255.255.240.0"\r\npush "route 95.163.32.0 255.255.224.0"\r\npush "route 95.163.248.0 255.255.248.0"\r\npush "route 128.140.168.0 255.255.248.0"\r\npush "route 178.22.88.0 255.255.248.0"\r\npush "route 178.237.16.0 255.255.240.0"\r\npush "route 185.5.136.0 255.255.252.0"\r\npush "route 185.16.148.0 255.255.252.0"\r\npush "route 185.16.244.0 255.255.252.0"\r\npush "route 188.93.56.0 255.255.248.0"\r\npush "route 194.186.63.0 255.255.255.0"\r\npush "route 195.211.20.0 255.255.252.0"\r\npush "route 195.211.128.0 255.255.252.0"\r\npush "route 195.218.168.0 255.255.255.0"\r\npush "route 208.87.92.0 255.255.252.0"\r\npush "route 217.20.144.0 255.255.240.0"\r\npush "route 217.69.128.0 255.255.240.0"\r\n\r\npush "route-ipv6 2a00:1148::\/32"\r\npush "route-ipv6 2a00:a300::\/32"\r\npush "route-ipv6 2a00:b4c0::\/32"\r\n\r\n# VK.com network\r\npush "route 87.240.128.0 255.255.192.0"\r\npush "route 93.186.224.0 255.255.240.0"\r\npush "route 95.142.192.0 255.255.240.0"\r\npush "route 95.213.0.0 255.255.192.0"\r\npush "route 185.29.130.0 255.255.255.0"\r\npush "route 185.32.248.0 255.255.252.0"\r\n\r\npush "route-ipv6 2a00:bdc0::\/36"\r\npush "route-ipv6 2a00:bdc0:e003::\/48"\r\npush "route-ipv6 2a00:bdc0:e004::\/46"\r\npush "route-ipv6 2a00:bdc0:e008::\/48"\r\npush "route-ipv6 2a00:bdc0:f000::\/36"\r\n\r\n# Kaspersky network\r\npush "route 77.74.176.0 255.255.248.0"\r\npush "route 91.103.64.0 255.255.248.0"\r\npush "route 93.159.224.0 255.255.248.0"\r\npush "route 185.54.220.0 255.255.254.0"\r\npush "route 185.85.12.0 255.255.255.0"\r\npush "route 185.85.14.0 255.255.254.0"\r\n\r\npush "route-ipv6 2a03:2480::\/33"\r\n<\/pre>\n
\r\nmkdir -p \/etc\/openvpn\/easy-rsa\/keys\r\ncp -a \/usr\/share\/easy-rsa\/2.0\/* \/etc\/openvpn\/easy-rsa\r\n<\/pre>\n
\r\nvim \/etc\/openvpn\/easy-rsa\/vars\r\n<\/pre>\n
\r\nexport KEY_COUNTRY="UA"\r\nexport KEY_PROVINCE="UA"\r\nexport KEY_CITY="Kiev"\r\nexport KEY_ORG="openvpn"\r\nexport KEY_EMAIL="admin@artem.services"\r\nexport KEY_OU="VPN"\r\nexport KEY_NAME="openvpn"\r\nexport KEY_CN="openvpn.artem.services"\r\n<\/pre>\n
\r\ncp \/etc\/openvpn\/easy-rsa\/openssl-1.0.0.cnf \/etc\/openvpn\/easy-rsa\/openssl.cnf\r\n<\/pre>\n
\r\ncd \/etc\/openvpn\/easy-rsa\r\nsource .\/vars\r\n.\/clean-all\r\n<\/pre>\n
\r\n.\/build-ca\r\n<\/pre>\n
\r\n.\/build-key-server server\r\n<\/pre>\n
\r\n.\/build-dh\r\n<\/pre>\n
\r\ncd \/etc\/openvpn\/easy-rsa\/keys\r\n<\/pre>\n
\r\ncp -a dh2048.pem ca.crt server.crt server.key \/etc\/openvpn\r\n<\/pre>\n
\r\ncd \/etc\/openvpn\/easy-rsa\r\n.\/build-key client\r\n<\/pre>\n
\r\nyum install iptables-services -y\r\nsystemctl mask firewalld\r\nsystemctl enable iptables\r\nsystemctl stop firewalld\r\nsystemctl start iptables\r\niptables --flush\r\n\r\n\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0432 iptables \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u043c:\r\n\r\n\r\niptables -t nat -A POSTROUTING -s 10.8.0.0\/24 -o eth0 -j MASQUERADE\r\niptables-save > \/etc\/sysconfig\/iptables\r\n<\/pre>\n
\r\nnet.ipv4.ip_forward = 1\r\n<\/pre>\n
\r\nsystemctl restart network.service\r\n<\/pre>\n
\r\nsystemctl -f enable openvpn@server.service\r\nsystemctl start openvpn@server.service\r\n<\/pre>\n
\r\nvim openvpn.ovpn\r\n<\/pre>\n
\r\nclient\r\nremote artem.services 1194\r\n\r\nnobind\r\n\r\nremote-cert-tls server\r\n\r\ncipher AES-128-CBC\r\n\r\nsetenv opt ncp-ciphers AES-128-GCM\r\n\r\nsetenv opt block-outside-dns\r\n\r\ndev tun\r\n\r\nproto udp\r\n<ca>\r\n\u0421\u041e\u0414\u0415\u0420\u0416\u0418\u041c\u041e\u0415 \u0424\u0410\u0419\u041b\u0410 ca.crt\r\n<\/ca>\r\n\r\n<cert>\r\n\u0421\u041e\u0414\u0415\u0420\u0416\u0418\u041c\u041e\u0415 \u0424\u0410\u0419\u041b\u0410 client.crt\r\n<\/cert>\r\n\r\n<key>\r\n\u0421\u041e\u0414\u0415\u0420\u0416\u0418\u041c\u041e\u0415 \u0424\u0410\u0419\u041b\u0410 client.key\r\n<\/key>\r\n<\/pre>\n