dd-wrtでOpenVPN (6)
サーバ側(dd-wrt)の設定
Services > VPNの設定でOpenVPNの設定を入れていく。
クライアント側の設定(ubuntu)
参考:https://qiita.com/noraworld/items/05658055446c41482cce
$ sudo apt-get -y install network-manager-openvpn-gnome
GUIで設定できる。(設定> Network > (+) VPN)
Advanced項目(変更した項目)
(つづく)
Services > VPNの設定でOpenVPNの設定を入れていく。
項目 | 値 |
---|---|
OpenVPN | Enable |
CVE-2019-14899 Mitigation | Enable |
Start Type | WAN Up |
Inbound Firewall on TUN | (no) |
Configure as | GUI(server) |
Server mode | Router(TUN) |
Network | 10.10.1.0 |
Netmask | 255.255.255.0 |
Port | 1194 |
Tunnel Protocol | udp |
Encryption Cipher | AES-256-CBC |
Has Algorithm | SHA256 |
First Data Cipher | AES-256-CBC |
Second Data Cipher | AES-256-CBC |
Third Data Cipher | AES-256-CBC |
Advanced Option | Disable |
Public Server Key | (server3.key) |
DH PEM | (dh2048.pem) |
Additional Config | |
TLS Key Choice | TLS Auth |
TLS Key | |
Certificate Revoke List |
クライアント側の設定(ubuntu)
参考:https://qiita.com/noraworld/items/05658055446c41482cce
$ sudo apt-get -y install network-manager-openvpn-gnome
GUIで設定できる。(設定> Network > (+) VPN)
項目 | 値 |
---|---|
Gateway | dd-wrtのIPアドレス |
Authentication Type | Certificates (TLS) |
User Certificate | client1.crt |
CA Certificate | ca.crt |
Private Key | client1.key |
Private Key Password |
項目 | 値 |
---|---|
Use LZO data compression | y |
Cipher | AES-256-CBC |
Cipher | AES-256-CBC |
Use custom size of cipher key | 256 |
HMAC Authentication | SHA-256 |