12.0
openvpnopenvpn deleteopenvpn delete |
id | openvpn delete id "6" | |
openvpn getopenvpn get |
- | openvpn get | |
openvpn newopenvpn new |
|||
| id | |||
| name | |||
| mode | |||
| proto | |||
| auth | |||
| cert | |||
| dh_size | |||
| mtu | |||
| pool | |||
| flags | |||
| local_addr | |||
| local_port | |||
| remote | |||
| max_clients | |||
| interface | |||
| push_subnet_id | |||
| push_subnet | |||
openvpn setopenvpn set |
id | openvpn new | |
openvpn exportopenvpn export |
user | openvpn export user "Benutzername" type "config" | |
openvpn statusopenvpn status |
- | openvpn status | |
openvpn disconnectopenvpn disconnect |
openvpn disconnect name "RW_Test" c_name "vpnuser" | ||
| name | |||
| c_came | |||
openvpn updateopenvpn update |
- | openvpn update | |
openvpn cipheropenvpn cipher get_availableopenvpn cipher get_available |
|||
openvpn digest_algorithmopenvpn digest_algorithm get_availableopenvpn digest_algorithm get_available |
|||
openvpn push_subnetopenvpn push_subnet newopenvpn push_subnet new |
openvpn push_subnet new openvpn_id "3" push_subnet 192.168.176.0/24 | ||
| openvpn_id | |||
| push_subnet | |||
openvpn push_subnet deleteopenvpn push_subnet delete |
openvpn push_subnet delete openvpn_id "3" push_subnet_id 15 | ||
| openvpn_id | |||
| push_subnet_id | |||
openvpn remoteopenvpn remote getopenvpn remote get |
- | openvpn remote get | |
openvpn remote newopenvpn remote new |
Anlegen eines neuen SSL-VPN Remote-Profils | openvpn remote new name "Client1" common_name "Client_cert" tunnel_addr "192.168.250.10/24" subnets "192.168.176.0/24" | |
| id | |||
| openvpn_id | |||
| name | |||
| common_name | |||
| tunnel_addr | |||
| hosts | |||
| subnets | |||
| push_subnets | |||
openvpn remote setopenvpn remote set |
id | openvpn remote new | openvpn remote set id "3" tunnel_addr "192.168.250.2/24" |
openvpn remote deleteopenvpn remote delete |
id | openvpn remote delete id "3" | |
openvpn optionopenvpn option getopenvpn option get |
|||
| id | |||
| name | |||
| value | |||
| description |
interface new name "tun0" type "TUN" interface zone new name "vpn-openvpn-server_conn" interface tun0}}
cert new common_name "myCA" cert new common_name "Server_cert" issuer_id 130 cert new common_name "Client_cert" issuer_id 130 id |common_name|bits|valid_since |valid_till |issuer|flags |status ---+-----------+----+-------------------+-------------------+------+------+------ 130|myCA |1024|2011-08-25-10-41-16|2012-08-24-10-41-16|myCA |KEY,CA|OK 131|Server_cert|1024|2011-08-25-10-41-43|2012-08-24-10-41-43|myCA |KEY |OK 132|Client_cert|1024|2011-08-25-10-42-04|2012-08-24-10-42-04|myCA |KEY |OK
cert export x509 id 130 cert export x509 id 132
()
openvpn remote new name "Client1" common_name "Client_cert" tunnel_addr "192.168.250.10" subnets 192.168.176.0/24
openvpn remote new name "s2s-Server" hosts 192.168.4.143
Roadwarrior
openvpn new name "RW-Verbindung" mode "SERVER" proto "UDP" auth "LOCAL" cert "Server_cert" pool "192.168.250.0/24" mtu "1500" interface "tun0" local_port "1194" reneg "3600" push_subnet "192.168.175.0/24" dh_size "2048"
Site to Site
openvpn new name "s2s-conn" mode "SERVER" proto "UDP" auth "NONE" cert "Server_cert" dh_size "2048" mtu "1400" pool "192.168.250.0/24" interface tun0
openvpn new name "s2s-client" mode "CLIENT" proto "UDP" auth "NONE" cert "Client_cert" dh_size "2048" mtu "1400" interface "tun0" remote s2s-Server
Multiple OpenvpnServer
openvpn remote set id 2 hosts 192.168.4.143,192.168.176.1
firewall.foo.local> openvpn remote get id|name |hosts --+----------------+--------------------------- 2 |remote_sslserver|192.168.4.143,192.168.176.1
firewall.foo.local> openvpn remote set id 2 hosts 192.168.4.143:1195,192.168.176.1:1196 id|name |hosts --+----------------+---------------------------------- 2 |remote_sslserver|192.168.4.143:1195,192.168.176.1:1196