author | rebortg <github@ghlr.de> | 2023-05-10 15:58:06 +0200 |
---|---|---|
committer | rebortg <github@ghlr.de> | 2023-05-10 15:58:44 +0200 |
commit | 6c0917208c59d11e0e00ec247756734a80321e67 (patch) | |
tree | 250d9307e76b7811ec27e6c93052e9216230d53e /docs/configexamples/autotest/OpenVPN_with_LDAP/_include | |
parent | 54b34091f439c57f666ec17ab8b5a8f430634ecb (diff) | |
download | vyos-documentation-6c0917208c59d11e0e00ec247756734a80321e67.tar.gz vyos-documentation-6c0917208c59d11e0e00ec247756734a80321e67.zip |
Configexample: migrate openvpn-ldap to autotest
Diffstat (limited to 'docs/configexamples/autotest/OpenVPN_with_LDAP/_include')
4 files changed, 38 insertions, 0 deletions
diff --git a/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/client.conf b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/client.conf
new file mode 100644
index 00000000..fb101b12
--- /dev/null
+++ b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/client.conf
@@ -0,0 +1,10 @@
+set interfaces ethernet eth1 address '198.51.100.1/24'
+set interfaces openvpn vtun1 mode client
+set interfaces openvpn vtun1 remote-host 198.51.100.254
+set interfaces openvpn vtun1 remote-port 1194
+set interfaces openvpn vtun1 protocol udp
+set interfaces openvpn vtun1 tls certificate CLIENT
+set interfaces openvpn vtun1 tls ca-certificate OVPN-CA
+
+set interfaces openvpn vtun1 authentication username 'user01'
+set interfaces openvpn vtun1 authentication password 'P4ssw0rd123'
\ No newline at end of file
diff --git a/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/ldap-auth.config b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/ldap-auth.config
new file mode 100644
index 00000000..0ae3dbc0
--- /dev/null
+++ b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/ldap-auth.config
@@ -0,0 +1,13 @@
+<LDAP>
+URL ldap://192.168.1.10
+BindDN bind_user@vyos.local
+Password P4ssw0rd123
+Timeout 15
+TLSEnable no
+FollowReferrals no
+</LDAP>
+<Authorization>
+BaseDN "DC=vyos,DC=local"
+SearchFilter "sAMAccountName=%u"
+RequireGroup false
+</Authorization>
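Review bot: In client.conf the VPN user's password literal `'P4ssw0rd123'` is the same string this commit uses for the LDAP bind account in ldap-auth.config (`Password P4ssw0rd123`), so the example reads as if the end-user credential and the directory service credential are interchangeable. Readers who copy the example may carry that reuse into a real deployment, where one leaked client config would then also disclose the bind account's password. Using two distinct, obviously placeholder values would keep the roles apart, for example `set interfaces openvpn vtun1 authentication password '<user01-password>'` here and `Password <bind-user-password>` in ldap-auth.config. Whether the autotest lab depends on the current literal is not visible from this diff, so the lab's directory setup would need the matching change.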
\ No newline at end of file
diff --git a/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/ovpn-server.conf b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/ovpn-server.conf
new file mode 100644
index 00000000..982ec355
--- /dev/null
+++ b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/ovpn-server.conf
@@ -0,0 +1,15 @@
+set interface ethernet eth1 address '192.168.1.1/24'
+set interface ethernet eth2 address '198.51.100.254/24'
+set interfaces openvpn vtun10 local-host '198.51.100.254'
+set interfaces openvpn vtun10 local-port '1194'
+set interfaces openvpn vtun10 mode 'server'
+set interfaces openvpn vtun10 openvpn-option '--plugin /usr/lib/openvpn/openvpn-auth-ldap.so /config/auth/ldap-auth.config'
+set interfaces openvpn vtun10 persistent-tunnel
+set interfaces openvpn vtun10 protocol 'udp'
+set interfaces openvpn vtun10 server push-route '192.168.1.0/24'
+set interfaces openvpn vtun10 server subnet '10.23.1.0/24'
+
+set interfaces openvpn vtun10 tls ca-certificate OVPN-CA
+set interfaces openvpn vtun10 tls certificate SRV
+set interfaces openvpn vtun10 tls dh-params DH
+set protocols static route 10.1.1.0/24 interface vtun10
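Review bot: In ldap-auth.config, `URL ldap://192.168.1.10` together with `TLSEnable no` means the bind account's password and every VPN user's password are sent to the directory server unencrypted on each login. For anything beyond the isolated lab the example should protect that leg, either with `TLSEnable yes` plus `TLSCACertFile <path-to-ca.pem>` or with an `ldaps://` URL. If the lab directory cannot do TLS, a comment line such as `# lab only: enable TLS before using this against a production directory` would stop the setting being copied as-is. Separately, `RequireGroup false` appears to admit any account under the BaseDN that authenticates successfully, which is worth stating in the accompanying text so readers know group restriction is off.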
\ No newline at end of file
diff --git a/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/topology.png b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/topology.png
Binary files differ
new file mode 100644
index 00000000..382e44f6
--- /dev/null
+++ b/docs/configexamples/autotest/OpenVPN_with_LDAP/_include/topology.png |
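Review bot: In ovpn-server.conf the first two added lines use `set interface ethernet ...` while every other line in this commit, including client.conf, uses `set interfaces ...`. This looks like a typo that would probably be rejected as an invalid configuration path when the example is pasted or run by the autotest. The lines should read `set interfaces ethernet eth1 address '192.168.1.1/24'` and `set interfaces ethernet eth2 address '198.51.100.254/24'`. The last line routes `10.1.1.0/24` via vtun10, a prefix that matches neither the server subnet `10.23.1.0/24` nor the pushed route `192.168.1.0/24` in this diff. If that prefix is intentional, a short comment naming the network it stands for would help; otherwise it may be a leftover.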