Difference between revisions of "Neutron/VPNaaS/SSLVPN/HowToUse"
Nachi Ueno (talk | contribs) (→Setup) |
Nachi Ueno (talk | contribs) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
=== On going reviews === | === On going reviews === | ||
− | # Server Side Plugin: | + | # Server Side Plugin and Agent support: https://review.openstack.org/#/c/70274/ |
− | # Client Support[WIP]: | + | # Client Support[WIP]: https://review.openstack.org/#/c/70254/ |
− | # | ||
== Setup == | == Setup == | ||
Line 17: | Line 16: | ||
== Workflow == | == Workflow == | ||
− | + | (0) Clone test certificates and scripts from https://github.com/nttmcl/neutron_ssl_vpn_script/tree/master/openvpn | |
− | + | (1) create vpn certificate | |
− | |||
− | |||
− | + | neutron vpn-credential-create --name vpncredential1 --ca ca.crt --server_certificate east-server.crt --server_key east-server.key --dh dh1024.pem | |
+ | |||
+ | (2) create vpn service | ||
+ | |||
+ | neutron vpn-service-create router1 private-subnet --name vpnservice1 | ||
+ | |||
+ | (3) create sslvpn connection | ||
+ | |||
+ | neutron ssl-vpn-connection-create vpnservice1 vpncredential1 | ||
+ | |||
+ | (4) Check connections | ||
+ | |||
+ | neutron ssl-vpn-connection-list | ||
+ | |||
+ | (5) run test client in namespace | ||
+ | |||
+ | cd openvpn | ||
+ | sudo ./ovpn-testclient.sh |
Latest revision as of 07:55, 19 February 2014
Neutron SSL-VPN extension: How to use page
On going reviews
- Server Side Plugin and Agent support: https://review.openstack.org/#/c/70274/
- Client Support[WIP]: https://review.openstack.org/#/c/70254/
Setup
(1) install openvpn
apt-get install openvpn
(2) run devstack with ongoing patches
Workflow
(0) Clone test certificates and scripts from https://github.com/nttmcl/neutron_ssl_vpn_script/tree/master/openvpn
(1) create vpn certificate
neutron vpn-credential-create --name vpncredential1 --ca ca.crt --server_certificate east-server.crt --server_key east-server.key --dh dh1024.pem
(2) create vpn service
neutron vpn-service-create router1 private-subnet --name vpnservice1
(3) create sslvpn connection
neutron ssl-vpn-connection-create vpnservice1 vpncredential1
(4) Check connections
neutron ssl-vpn-connection-list
(5) run test client in namespace
cd openvpn sudo ./ovpn-testclient.sh