diff options
author | currite <sll@disroot.org> | 2019-12-12 19:18:41 +0100 |
---|---|---|
committer | currite <sll@disroot.org> | 2019-12-16 15:37:17 +0100 |
commit | 75d7d6a31b0a8e9bf730c8c4744c8e30f4c60c48 (patch) | |
tree | d675c7da21dd4788a22f26ddb4b31924ee012605 /docs/vpn | |
parent | 14bde748e96b500102a74fd8d1be98453745f7c7 (diff) | |
download | vyos-documentation-75d7d6a31b0a8e9bf730c8c4744c8e30f4c60c48.tar.gz vyos-documentation-75d7d6a31b0a8e9bf730c8c4744c8e30f4c60c48.zip |
openvpn: add link to basic PKI setup in knowledge-base
Diffstat (limited to 'docs/vpn')
-rw-r--r-- | docs/vpn/openvpn.rst | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/docs/vpn/openvpn.rst b/docs/vpn/openvpn.rst index 1c728ef6..69961f0c 100644 --- a/docs/vpn/openvpn.rst +++ b/docs/vpn/openvpn.rst @@ -183,8 +183,8 @@ Server ====== Multi-client server is the most popular OpenVPN mode on routers. It always uses -x.509 authentication and therefore requires a PKI setup. This guide assumes you -have already setup a PKI and have a CA certificate, a server certificate and +x.509 authentication and therefore requires a PKI setup. This guide assumes +`you have already setup a PKI`_ and have a CA certificate, a server certificate and key, a certificate revocation list, a Diffie-Hellman key exchange parameters file. You do not need client certificates and keys for the server setup. @@ -254,6 +254,7 @@ internally, so we need to create a route to the 10.23.0.0/20 network ourselves: set protocols static interface-route 10.23.0.0/20 next-hop-interface vtun10 +.. _`you have already setup a PKI`: https://support.vyos.io/en/kb/articles/using-easy-rsa-to-generate-x-509-certificates-and-keys-2 Client Authentication --------------------- |