diff options
| author | currite <53279076+currite@users.noreply.github.com> | 2019-12-12 22:01:25 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2019-12-12 22:01:25 +0100 |
| commit | a25f9d0ffbf25be0af07d8d6e93805fba3a51d1d (patch) | |
| tree | a498d267ea4079e835ea4a0f1aaee4572b20847e | |
| parent | c713d63379686d7b4adceaa293459fb120924d77 (diff) | |
| download | vyos-documentation-a25f9d0ffbf25be0af07d8d6e93805fba3a51d1d.tar.gz vyos-documentation-a25f9d0ffbf25be0af07d8d6e93805fba3a51d1d.zip | |
OpenVPN: add link to basic PKI setup KB entry
| -rw-r--r-- | docs/vpn/openvpn.rst | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/docs/vpn/openvpn.rst b/docs/vpn/openvpn.rst index 1c728ef6..69961f0c 100644 --- a/docs/vpn/openvpn.rst +++ b/docs/vpn/openvpn.rst @@ -183,8 +183,8 @@ Server ====== Multi-client server is the most popular OpenVPN mode on routers. It always uses -x.509 authentication and therefore requires a PKI setup. This guide assumes you -have already setup a PKI and have a CA certificate, a server certificate and +x.509 authentication and therefore requires a PKI setup. This guide assumes +`you have already setup a PKI`_ and have a CA certificate, a server certificate and key, a certificate revocation list, a Diffie-Hellman key exchange parameters file. You do not need client certificates and keys for the server setup. @@ -254,6 +254,7 @@ internally, so we need to create a route to the 10.23.0.0/20 network ourselves: set protocols static interface-route 10.23.0.0/20 next-hop-interface vtun10 +.. _`you have already setup a PKI`: https://support.vyos.io/en/kb/articles/using-easy-rsa-to-generate-x-509-certificates-and-keys-2 Client Authentication --------------------- |