WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: [SOLVED]Installation and configuring/connecting to OpenVPN on Microcore guide...  (Read 15456 times)

Offline nvrnight

  • WikiUser
  • *
  • Posts: 5
Hi Everyone,

I've finally gotten through the adventure of setting up OpenVPN on TinyCore. There were a few convoluted steps here and there that I had to figure out and to save anyone else the trouble I will put everything I did here in this thread.

Anyway, I did a fresh install of Core using the GUI off the TinyCorePlus iso.
Installation instructions can be found here: http://distro.ibiblio.org/tinycorelinux/install.html

I setup an FTP server so I can retrieve the client certificates off the machine. (Thanks to robc for his help http://forum.tinycorelinux.net/index.php/topic,8952.msg48655.html#msg48655)
Code: [Select]
tce-load -wi vsftpd
edit the FTP config file
Code: [Select]
sudo vi /usr/local/etc/vsftpd.confanonymous_enable=NO
uncomment local_enable=YES and write_enable=YES

Code: [Select]
sudo vsftpd &
At this point you should be able to connect to your ftp server with an FTP client such a Filezilla using your local account credentials on TinyCore

Now we will start setting up OpenVPN...

Install OpenVPN
Code: [Select]
tce-load -wi openvpn
Download and unpack openvpn's source from their site to get the Easy-RSA tools to make certificate setup easy.
Code: [Select]
wget http://swupdate.openvpn.org/community/releases/openvpn-2.2.2.tar.gz
tar -zxf openvpn-2.2.2.tar.gz
mv openvpn-2.2.2/easy-rsa easy-rsa
rm -rf openvpn-2.2.2
rm -f openvpn-2.2.2.tar.gz
cd easy-rsa/2.0

edit whichopensslcnf, there is a bug not allowing it to see the correct version of openssl.cnf, this edit will fix that
Code: [Select]
vi whichopensslcnfchange cnf="$1/openssl.cnf" to cnf="$1/openssl-1.0.0.cnf"
remove all lines inside the following if statement

edit vars, we will change the default values for the certificate information so we don't have to type in new values every time we create a certificate.
Code: [Select]
vi vars
these are the values that need to be changed(at the end of the vars file), the rest can be left alone
KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG, KEY_EMAIL, KEY_CN, KEY_NAME, KEY_OU

Now we can start building our certificates
Code: [Select]
source ./vars
./clean-all

Create the CA Certificate
Code: [Select]
./build-caFill in the information it asks for(enter for default values)

This file is needed for openVPN, not sure what it actually does, see their site for details.
Code: [Select]
./build-dh
Create the Server Certificate
Code: [Select]
./build-key-server --server nameOfYourServerFill in the information it asks for(enter for default values) and enter y for the confirmations to create the server certificate

Create the client certificate(do this step for each computer connecting to the vpn, each name must be unique)
Code: [Select]
./build-key nameOfYourConnectingComputerFill in the information is asks for(enter for default values) and enter y for the confirmations to create the client certificate

All the keys we just created are stored in the keys folder, let's go back to our home directory
Code: [Select]
cd ~/
We need to create a server.conf file(more info at http://openvpn.net/index.php/open-source/documentation/howto.html#examples)
Code: [Select]
vi server.conf
Add the following lines to the file(your server cert and key may be named differently):
Code: [Select]
port 1194
proto udp
dev tun
ca /home/tc/easy-rsa/2.0/keys/ca.crt
cert /home/tc/easy-rsa/2.0/keys/server.crt
key /home/tc/easy-rsa/2.0/keys/server.key
dh /home/tc/easy-rsa/2.0/keys/dh1024.pem

server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3


Now run openvpn server.conf and you should get the message "Initiatialization Sequence Completed"

I'm connecting to the server via a windows machine, but the process is still the same after you have OpenVPN installed on the client computer

Install an FTP client and download the ca.crt, client.crt, client.key files from your TinyCore keys folder and put them in a folder.

You'll need to create a client.conf file, I used the following lines(be sure to change the remote IP to the IP of your TinyCore machine and make the certs point to the files you downloaded off your TinyCore computer)

Code: [Select]
client
dev tun
proto udp
remote 10.10.1.193 1194

resolv-retry infinite
nobind
persist-key
persist-tun
ca C:\\Users\\myuser\\Desktop\\ovpn\\ca.crt
cert C:\\Users\\myuser\\Desktop\\ovpn\\client1.crt
key C:\\Users\\myuser\\Desktop\\ovpn\\client1.key
ns-cert-type server
comp-lzo
verb 3

Now run the following comment to start your VPN client
Code: [Select]
openvpn client.conf
You should get the message "Initialization Sequence Completed" letting you know you have successfully connected to your OpenVPN server.

Hope this helps. :)
« Last Edit: August 03, 2012, 01:23:16 PM by nvrnight »

Offline jls

  • Hero Member
  • *****
  • Posts: 2014
    • Core17
Re: Installing OpenVPN on Core from source...
« Reply #1 on: August 01, 2012, 02:23:07 PM »
openvpn is already on the repo
dCore user

Offline nvrnight

  • WikiUser
  • *
  • Posts: 5
Re: Installing OpenVPN on Core from source...
« Reply #2 on: August 01, 2012, 05:30:11 PM »
What is the package name?

Offline Rich

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 5392
Re: Installing OpenVPN on Core from source...
« Reply #3 on: August 01, 2012, 05:35:21 PM »
Hi nvrnight
It's called  openvpn.tcz

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 9565
Re: Installing OpenVPN on Core from source...
« Reply #4 on: August 02, 2012, 01:49:20 AM »
For that matter, so is openssl ;)
The only barriers that can stop you are the ones you create yourself.

Offline nvrnight

  • WikiUser
  • *
  • Posts: 5
Re: Installing OpenVPN on Core from source...
« Reply #5 on: August 02, 2012, 06:57:45 AM »
Heheh, I had issues finding it on the package manager. That's when I discovered it was a problem with my Atheros network card. I switched to using a different machine and was able to download the OpenVPN package. Now I just need to figure out how to use it, it doesn't seem to have a web interface like the .deb package off OpenVPN's site has. I'm guessing I just need to jump through some more hoops. Thanks for the help so far guys.

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4243
Re: Installing OpenVPN on Core from source...
« Reply #6 on: August 02, 2012, 07:29:37 AM »
You can find documentation at http://openvpn.net/index.php/open-source.html .

Offline nvrnight

  • WikiUser
  • *
  • Posts: 5
Thanks for the information guys, hopefully this thread will help someone else out in the future.  :)

Offline tinypoodle

  • Hero Member
  • *****
  • Posts: 3857
Thanks for the information guys, hopefully this thread will help someone else out in the future.  :)

Adding [SOLVED] to Subject of first post would be a good idea ;)
"Software gets slower faster than hardware gets faster." Niklaus Wirth - A Plea for Lean Software (1995)

Offline nvrnight

  • WikiUser
  • *
  • Posts: 5
Thanks for the information guys, hopefully this thread will help someone else out in the future.  :)

Adding [SOLVED] to Subject of first post would be a good idea ;)
Done

Offline LevaZzz

  • WikiUser
  • *
  • Posts: 5
Hi
I can't find openvpn.tcz in repo. what repo you means?
could you give me link or something?


Offline LevaZzz

  • WikiUser
  • *
  • Posts: 5
yes i have this repo but in mirrors wrote only "http://repo.tinycorelinux.net" without this tail. But anyway, when i choose this mirror and try to search "openvpn" i can't find.
what i doing wrong?

P.S. i work with this OS 2nd day)))

Thanks for the quick reply

Offline Rich

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 5392
Hi LevaZzz
Which version of Tinycore are you running? 4.x or 5.x?

Offline LevaZzz

  • WikiUser
  • *
  • Posts: 5
downloaded from http://tinycorelinux.net/downloads.html "CorePlus" 2 days ago
5.0.2 i suppose