OpenVPN server on Openbsd 5.2 (EasyRSA 3, Libre SSL)

OpenVPN tutorials ranging from configuration to hacks to compilation will be posted here.
Post Reply
OpenVpn Newbie
Posts: 3
Joined: Mon Dec 22, 2014 10:09 am

OpenVPN server on Openbsd 5.2 (EasyRSA 3, Libre SSL)

Post by chrisunix » Mon Dec 22, 2014 10:22 am

Hello everyone.
In case anyone is interested - I have prepared a guide for running OpenVPN on OpenBSD 5.2.

Any comments / additions / critics are welcome.
Please forgive me if I am slow to respond to your posts.

Highlights of this guide:
[*]OpenVPN community version - available as package for OpenBSD
[*]creating keys and certificates using easy-rsa 3
[*]chrooted env
[*]Using pre-shared secret in addition to SSL - as additional protection (also against DOS attacks)
[*]startup via /etc/hostname and (optionally) also via /etc/rc.d/openvpn script
[*]example pf.conf firewall rules
[*]settings for samba wins
[*]optional - additional authentication (vpn username/password) using simple custom script
[*]optional - additional authentication using ldap/bsd (when not-chrooted)
[*]appendix - fixing EasyRSA3 error "Missing or invalid OpenSSL"
[*]appendix - migration of certificates/keys framework from easyrsa 2.0 to easyrsa 3

Post Reply