{"id":444,"date":"2018-07-20T17:39:37","date_gmt":"2018-07-20T20:39:37","guid":{"rendered":"http:\/\/rodrigosilvaesilva.com.br\/?p=444"},"modified":"2018-07-20T17:39:37","modified_gmt":"2018-07-20T20:39:37","slug":"automatizando-inicializacao-openvpn-client-com-arquivo-senha","status":"publish","type":"post","link":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/2018\/07\/20\/automatizando-inicializacao-openvpn-client-com-arquivo-senha\/","title":{"rendered":"Automatizando inicializa\u00e7\u00e3o OpenVPN Client com arquivo senha"},"content":{"rendered":"
Instala\u00e7\u00e3o OpenVPN<\/h6>\n
[root@localhost ~]# yum install openvpn\nLoaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: centos.xpg.com.br\n * epel: mirror.globo.com\n * extras: centos.xpg.com.br\n * updates: centos.xpg.com.br\nResolving Dependencies\n--> Running transaction check\n---> Package openvpn.x86_64 0:2.4.6-1.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n==========================================================================================================================\n Package                     Arch                       Version                            Repository                Size\n==========================================================================================================================\nInstalling:\n openvpn                     x86_64                     2.4.6-1.el7                        epel                     518 k\n\nTransaction Summary\n==========================================================================================================================\nInstall  1 Package\n\nTotal download size: 518 k\nInstalled size: 1.2 M\nIs this ok [y\/d\/N]: y\nDownloading packages:\nopenvpn-2.4.6-1.el7.x86_64.rpm                                                                     | 518 kB  00:00:00\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : openvpn-2.4.6-1.el7.x86_64                                                                             1\/1\n  Verifying  : openvpn-2.4.6-1.el7.x86_64                                                                             1\/1\n\nInstalled:\n  openvpn.x86_64 0:2.4.6-1.el7\n\nComplete!\n<\/pre>\n
Modelo Cert teste.conf<\/h6>\n
O arquivo teste.conf deve estar no diret\u00f3rio \/etc\/openvpn<\/p>\n
[root@localhost bkp]# cat teste.conf\ndev tun\npersist-tun\npersist-key\ncipher BF-CBC\nauth SHA1\ntls-client\nclient\nresolv-retry infinite\nremote destino.com.br 1194 tcp-client\nauth-user-pass \/etc\/openvpn\/senha\nremote-cert-tls server\ncompress lzo\n\n<ca>\n-----BEGIN CERTIFICATE-----\nMIIEPzCCAyegAwIBAgIBADANBgkqhkiG9w0BAQsFADBzMQswCQYDVQQGEwJCUjEL\nMAkGA1UECBMCU1AxCzAJBgNVBAcTAlJQMQwwCgYDVQQKEwNDQ00xKzApBgkqhkiG\n9w0BCQEWHHN1cG9ydGVAY2NtdGVjbm9sb2dpYS5jb20uYnIxDzANBgNVBAMTBkNB\nLVZJUDAeFw0xODA2MjUxOTAxNTVaFw0yODA2MjIxOTAxNTVaMHMxCzAJBgNVBAYT\nAkJSMQswCQYDVQQIEwJTUDELMAkGA1UEBxMCUlAxDDAKBgNVBAoTA0NDTTErMCkG\nCSqGSIb3DQEJARYcc3Vwb3J0ZUBjY210ZWNub2xvZ2lhLmNvbS5icjEPMA0GA1UE\nAxMGQ0EtVklQMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzp0fw72\nXhEUx7EbUwMcpTqSSw4wcWo8k0RCSaCxYaYTcbMsrMtv+D5kzjWIMQhih9tXyJ\/t\nBZq6eNPKLATw7l5nAjggeSF0LOSKjRUMkCqn6G1Mp49rcec5bYyoRTQtbuUVWo6p\nz3vZPQQDEwZDQS1WSVCCAQAwDAYDVR0TBAUwAwEB\/zALBgNVHQ8EBAMCAQYw\nDQYJKoZIhvcNAQELBQADggEBALH+uPieHUJ6mulImbI6grkLve7POGiEICE2dtWg\nSmwK4MiBzFPPi9tJA7D+Q9RlY25vbG9naWEuY29tLmJy\nMQ8wDQYDVQQDEwZDQS1WSVCCAQAwDAYDVR0TBAUwAwEB\/zALBgNVHQ8EBAMCAQYw\nDQYJKoZIhvcNAQELBQADggEBALH+uPieHUJ6mulImbI6grkLve7POGiEICE2dtWg\nSmwK4MiBzFPPi9tJA7D+Q98jhpngTB4G6v5pvQcKV0ShHuS1ddoUujgRWhG2xIJz\nwNcdTL3ze5WoUbvR3FwFLOv5dX259uMADWAl8oCBdwO6ZWms6Q7jPad2myAJPTPY\ngWmRGrSkGIs9H+i5vAi6lJ9wJhCRoKzdcCeueN9kwmgvHtyY3NeqxiD5syLvmYSJ\nEOv9UCuM+WjRsZdiiACYwtYw9MbH0BmE3rv3RTE8evzGRlJq8J6BOOqZAW+4eTmS\nFL2vZjlFpxKIj+7IvYYUKfTQ657MDWCdt9ESmlz7ZfO3NnM=\n-----END CERTIFICATE-----\n<\/ca>\nsetenv CLIENT_CERT 0\n<\/pre>\n
Arquivo de senha diret\u00f3rio \/etc\/openvpn\/senha<\/p>\n
Dentro do arquivo de senha deve conter<\/p>\n
usuario\nsenha<\/pre>\n
Iniciar servi\u00e7o openvpn teste.conf<\/p>\n
[root@localhost openvpn]# systemctl start openvpn@teste\n<\/pre>\n
Verificando o status<\/p>\n
[root@localhost openvpn]# systemctl status openvpn@teste\n\u25cf openvpn@teste.service - OpenVPN Robust And Highly Flexible Tunneling Application On teste1\n   Loaded: loaded (\/usr\/lib\/systemd\/system\/openvpn@.service; enabled; vendor preset: disabled)\n   Active: active (running) since Fri 2018-07-20 17:13:16 -03; 7s ago\n Main PID: 984 (openvpn)\n   Status: \"Initialization Sequence Completed\"\n   CGroup: \/system.slice\/system-openvpn.slice\/openvpn@teste1.service\n           \u2514\u2500984 \/usr\/sbin\/openvpn --cd \/etc\/openvpn\/ --config teste1.conf\n\nJul 20 17:13:17 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:17 2018 TCP connection established with [AF_IN...1684\nJul 20 17:13:17 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:17 2018 TCP_CLIENT link local: (not bound)\nJul 20 17:13:17 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:17 2018 TCP_CLIENT link remote: [AF_INET]200.2...1684\nJul 20 17:13:17 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:17 2018 WARNING: this configuration may cache ...this\nJul 20 17:13:18 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:18 2018 [Server-VIP] Peer Connection Initiated...1684\nJul 20 17:13:19 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:19 2018 TUN\/TAP device tun0 opened\nJul 20 17:13:19 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:19 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0\nJul 20 17:13:19 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:19 2018 \/sbin\/ip link set dev tun0 up mtu 1500\nJul 20 17:13:19 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:19 2018 \/sbin\/ip addr add dev tun0 172.19.77.2....255\nJul 20 17:13:19 localhost.localdomain openvpn[984]: Fri Jul 20 17:13:19 2018 Initialization Sequence Completed\nHint: Some lines were ellipsized, use -l to show in full.\n<\/pre>\n
Verificando tunnel ativo<\/p>\n
[root@localhost openvpn]# ifconfig tun\ntun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500\n        inet 172.5.7.2  netmask 255.255.255.0  destination 172.5.7.2\n        inet6 fe80::a1a5:803a:c7bb:81ce  prefixlen 64  scopeid 0x20<link>\n        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)\n        RX packets 0  bytes 0 (0.0 B)\n        RX errors 0  dropped 0  overruns 0  frame 0\n        TX packets 3  bytes 144 (144.0 B)\n        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0\n<\/pre>\n
Habilitando servi\u00e7o servi\u00e7o OpenVpn inicializa\u00e7\u00e3o<\/p>\n
[root@localhost ~]# systemctl -f enable openvpn@teste\nCreated symlink from \/etc\/systemd\/system\/multi-user.target.wants\/openvpn@teste.service to \/usr\/lib\/systemd\/system\/openvpn@.service.<\/pre>\n
 <\/p>\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
Instala\u00e7\u00e3o OpenVPN [root@localhost ~]# yum install openvpn Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.xpg.com.br * epel: mirror.globo.com * extras: centos.xpg.com.br * updates: centos.xpg.com.br Resolving Dependencies –> Running transaction check —> Package openvpn.x86_64 0:2.4.6-1.el7 will be installed –> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================== Package Arch Version Repository Size ========================================================================================================================== Installing:…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[47,208],"class_list":["post-444","post","type-post","status-publish","format-standard","hentry","category-linux","tag-automatizando-inicializacao-openvpn-client-com-arquivo-senha","tag-openvpn"],"_links":{"self":[{"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/posts\/444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/comments?post=444"}],"version-history":[{"count":0,"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/posts\/444\/revisions"}],"wp:attachment":[{"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/media?parent=444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/categories?post=444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rodrigosilvaesilva.com.br\/index.php\/wp-json\/wp\/v2\/tags?post=444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}