dd-wrtでOpenVPN (6)
サーバ側(dd-wrt)の設定
Services > VPNの設定でOpenVPNの設定を入れていく。
クライアント側の設定(ubuntu)
参考:https://qiita.com/noraworld/items/05658055446c41482cce
$ sudo apt-get -y install network-manager-openvpn-gnome
GUIで設定できる。(設定> Network > (+) VPN)
Advanced項目(変更した項目)
(つづく)
Services > VPNの設定でOpenVPNの設定を入れていく。
| 項目 | 値 |
|---|---|
| OpenVPN | Enable |
| CVE-2019-14899 Mitigation | Enable |
| Start Type | WAN Up |
| Inbound Firewall on TUN | (no) |
| Configure as | GUI(server) |
| Server mode | Router(TUN) |
| Network | 10.10.1.0 |
| Netmask | 255.255.255.0 |
| Port | 1194 |
| Tunnel Protocol | udp |
| Encryption Cipher | AES-256-CBC |
| Has Algorithm | SHA256 |
| First Data Cipher | AES-256-CBC |
| Second Data Cipher | AES-256-CBC |
| Third Data Cipher | AES-256-CBC |
| Advanced Option | Disable |
| Public Server Key | (server3.key) |
| DH PEM | (dh2048.pem) |
| Additional Config | |
| TLS Key Choice | TLS Auth |
| TLS Key | |
| Certificate Revoke List |
クライアント側の設定(ubuntu)
参考:https://qiita.com/noraworld/items/05658055446c41482cce
$ sudo apt-get -y install network-manager-openvpn-gnome
GUIで設定できる。(設定> Network > (+) VPN)
| 項目 | 値 |
|---|---|
| Gateway | dd-wrtのIPアドレス |
| Authentication Type | Certificates (TLS) |
| User Certificate | client1.crt |
| CA Certificate | ca.crt |
| Private Key | client1.key |
| Private Key Password |
| 項目 | 値 |
|---|---|
| Use LZO data compression | y |
| Cipher | AES-256-CBC |
| Cipher | AES-256-CBC |
| Use custom size of cipher key | 256 |
| HMAC Authentication | SHA-256 |
