OpenVPN â ñîñòàâå ïðîøèâêè îò ýíòóçèàñòîâ

[oblikoamorale]

Ìîãó ïðåäëîæèòü èäåþ ïåðåñîáðàòü openvpn ñ áîëåå ëåãêîâåñíîé ðåàëèçàöèåé SSL, íàïðèìåð libpolarssl

â÷åðà â ïîðÿäêå ýêñïåðèìåíòà ïîêîâûðÿëñÿ ñ openvpn-nl, ýòî openvpn 2.1, ïðîïàò÷åííûé íà ïðåäìåò ñáîðêè ñ polarssl. ðàçìåð ñòàòè÷åñêîãî áèíàðíèêà openvpn ïîëó÷àåòñÿ 0.7ÌÁ (áåç ñæàòèÿ). äëÿ ñðàâíåíèÿ, ñòàòèêà ïîñëåäíåãî openvpn è openssl òÿíåò íà 2.3ÌÁ.

â openvpn-nl âñ¸ õîðîøî, êðîìå òîãî, ÷òî îí îòêàçûâàåòñÿ èìåòü îáùèå êîííåêòû c openvpn/openssl:

Code:

TLS_ERROR: read tls_read_plaintext error

òîëêîì íå ðàçáèðàëñÿ, íî ïîäîçðåâàþ, polarssl íå ïåðåâàðèâàåò ñåðòèôèêàòû openssl. è openvpn-nl ïðèä¸òñÿ ñïàðèâàòü òîëüêî ñ ñåáå ïîäîáíûìè, ÷òî ñèëüíî îãðàíè÷èâàåò îáëàñòü åãî ïðèìåíåíèÿ (äëÿ ìåíÿ)

P.S. â openwrt íà÷àëàñü âîçíÿ ïî ïðèâåäåíèþ ïàêåòà openvpn â àêòóàëüíûé âèä. òàìîøíèé íàðîä ïëàíèðóåò âûïèëèòü 2 âèäà ïàêåòîâ, ñ openssl è polarssl. ðàáîòà êèïèò...

À ïîäåëèòüñÿ ñâîåé âåðñèåé ïðîøèâêè ìîæåòå?
Êàê ÿ ïîíèìàþ, ó âàñ OpenVPN óæå âñòðîåí â íåå?

ìîãó, íî íå óâåðåí, ÷òî îíà êîìó-òî ñìîæåò ïðèãîäèòüñÿ. èç ìîåé ïðîøèâêè âûðåçàíû âñå íåíóæíûå ëè÷íî ìíå âåùè, âêëþ÷àÿ wi-fi.
ïîïðîáóéòå ñîáðàòü ïðîøèâêó ñàìîñòîÿòåëüíî, ýòî íå òàê ñëîæíî, êàê êàæåòñÿ íà ïåðâûé âçãëÿä! âûëîæåííîé íà code.google.com èíñòðóêöèè äëÿ ýòîãî, íà ìîé âçãëÿä, âïîëíå äîñòàòî÷íî. à äîáàâèòü â ïðîøèâêó openvpn - ýòî ïðîñòî çàêèíóòü â /usr/sbin áèíàðíèê, íå áîëåå òîãî...

[staticroute]

ïîïðîáóéòå ñîáðàòü ïðîøèâêó ñàìîñòîÿòåëüíî, ýòî íå òàê ñëîæíî, êàê êàæåòñÿ íà ïåðâûé âçãëÿä! âûëîæåííîé íà code.google.com èíñòðóêöèè äëÿ ýòîãî, íà ìîé âçãëÿä, âïîëíå äîñòàòî÷íî. à äîáàâèòü â ïðîøèâêó openvpn - ýòî ïðîñòî çàêèíóòü â /usr/sbin áèíàðíèê, íå áîëåå òîãî...

èíñòðóêöèé òàì ÿâíî íåäîñòàòî÷íî, äëÿ ýòîãî íóæíî èìåòü áàçîâûå ïðåäñòàâëåíèÿ î Makefile.

èíñòðóêöèè òàì áîëüøå ïî ñáîðêå, ïî ñóòè ýòî ïðîñòî, åñëè ÷òî-òî êàñòîìíîå íóæíî, òî óæå ìîãóò âîçíèêíóòü ïðîáëåìû, äàæå òóïî, åñëè óáðàòü íåêîòîðûå îïöèè â make menuconfig, òî ñáîðêà ìîæåò íå çàâåðøèòüñÿ óäà÷íî.

êðîìå òîãî åñòü îïðåäåëåííûå hardcoded óñòàíîâêè ìîäóëåé â Makefile, ïîýòîìó, åñëè ïåðåñîáèðàåòå ÿäðî ñî ñâîèìè îïöèÿìè (ñêàæåì âûêèíåòå ntfs ïîääåðæêó èëè ÷åãî-òî åùå), òî íóæíî áóäåò gateway/Makefile òàêæå ïðàâèòü ñàìîìó âðó÷íóþ.

äëÿ èíñòàëëà openvpn íóæíî áóäåò â Makefile äîáàâèòü ñòðî÷êó ñáîðêè è êîïèðîâàíèÿ áèíàðíèêà
ïî òèïó:

Code:

        install -D openvpn/src/openvpn $(INSTALLDIR)/openvpn/usr/sbin/openvpn
        $(STRIP) $(INSTALLDIR)/openvpn/usr/sbin/openvpn

(êîä íåòî÷íûé, ñêîðåå âñåãî íóæíî áóäåò åùå ïðåäâàðèòåëüíî äîáàâèòü ñáîðêó ïàêåòà ñ íóæíûìè îïöèÿìè, åñëè íå äåëàåòå ýòîãî äî ýòîãî).

[ryzhov_al]

...Ïðî post-mount è ïðî÷èå ñêðèïòû ÿ çíàþ, íî èõ íóæíî åùå ïðîïèñàòü âî ôëåø.. À íàëè÷èå òàêîé ôè÷è îáëåã÷èëî áû æèçíü è "ñåðèéíûì íàñòðîéùèêàì", è ïîëíûì íóáàì.

"Ïðîøåéòå ðîóòåð âîò òîé ïðîøèâêîé, ðàñïàêóéòå âîò ýòîò ôàéë â êîðåíü ôëåøêè, âñòàâòå åå â ðîóòåð è ïåðåãðóçèòåñü. È âñå óæå íàñòðîåíî."

Äðóãèìè ñëîâàìè, åñòü æåëàíèå çàðàáàòûâàòü äåíüãè íàñòðîéêîé ñòàè ðîóòåðîâ, íî íåò æåëàíèÿ ðàáîòàòü ðó÷êàìè è âû ïðîñèòå âûíåñòè ôóíêöèîíàë â web-èíòåðôåéñ. Êðóòî.

â÷åðà â ïîðÿäêå ýêñïåðèìåíòà ïîêîâûðÿëñÿ ñ openvpn-nl, ýòî openvpn 2.1, ïðîïàò÷åííûé íà ïðåäìåò ñáîðêè ñ polarssl. ðàçìåð ñòàòè÷åñêîãî áèíàðíèêà openvpn ïîëó÷àåòñÿ 0.7ÌÁ (áåç ñæàòèÿ). äëÿ ñðàâíåíèÿ, ñòàòèêà ïîñëåäíåãî openvpn è openssl òÿíåò íà 2.3ÌÁ.

Ìíå ñî ñòàòè÷åñêîé ëèíêîâêîé theMIROn îäíó âåùü íàïîìíèë, ÿ âèäå å¸ ðàíüøå ïðè ñáîðêå opkg. Äîïóñòèì, ñòàòè÷åñêàÿ fatlib.a ñîäåðæèò âíóòðè áèíàðíèêè blob1.o, blob2.o, blob3.o. È äîïóñòèì, ÷òî âàøà ñîôòèíà èñïîëüçóåò òîëüêî ôóíêöèè èç blob1.o Åñëè âû ñëèíêóåòå fatlib.a ñî ñâîåé ïðîãðàììîé, òî â èòîãîâûé êîä ìîãóò ïîïàñòü blob2.o, blob3.o, êîòîðûå âàì òàì íàôèã íå íóæíû. Äëÿ òîãî, ÷òîáû openvpn-nl åù¸ ïîõóäåë, ïåðåäàâàéòå ëèíêîâùèêó êëþ÷ --gc-sections, êîòîðûé çàñòàâëÿåò ëèíêîâùèêà âûêèäûâàòü òå ñåêöèè êîäà, êîòîðûå ó âàñ â ñîôòèíå íå çàäåéñòâîâàíû.

[coolo1]

ïî OpenVpn ñîåäèíåíû 2 ðîóòåðà íà îäíîì åñòü èíòåðíåò(ñåðâåð) ó íåãî ìàðøðóòû:

89.107.196.40 10.8.5.1 255.255.255.255 UGH 0 0 0 vlan1
10.20.30.2 * 255.255.255.255 UH 0 0 0 tun0
109.111.24.165 * 255.255.255.255 UH 0 0 0 ppp0
10.0.1.1 10.8.5.1 255.255.255.255 UGH 0 0 0 vlan1
89.107.196.35 10.8.5.1 255.255.255.255 UGH 0 0 0 vlan1
10.8.5.0 * 255.255.255.0 U 0 0 0 vlan1
192.168.3.0 10.20.30.2 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default vpn34-165.altai 0.0.0.0 UG 0 0 0 ppp0

íàñòðîéêè ôàåðâîëà :

iptables -I INPUT -p tcp --dport 5901 -j ACCEPT
iptables -I INPUT -p tcp --dport 2048 -j ACCEPT
iptables -I INPUT -p tcp --dport 1194 -j ACCEPT
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -j ACCEPT
iptables -A POSTROUTING -t nat -o tap0 -j MASQUERADE

Âòîðîé ðîóòåð - êëèåíò:

ôàåðâîë:

iptables -I INPUT 3 -i tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -j ACCEPT
iptables -I FORWARD -o tun0 -j ACCEPT

ìàðøðóòû

Destination Gateway Genmask
10.20.30.1 * 255.255.255.255 UH 0 0 0 tun0
10.8.5.1 * 255.255.255.255 UH 0 0 0 vlan1
10.8.5.0 * 255.255.255.0 U 0 0 0 vlan1
192.168.3.0 * 255.255.255.0 U 0 0 0 br0
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
0.0.0.0 * 0.0.0.0 U 0 0 0 tun0

è íà êëèåíòå íå ïîÿâëÿåòñÿ èíòåðíåò
÷òî íå òàê?

[PythoNN]

Åñëè áû åùå ñäåëàëè ýíòóçèàñòû íàñòðîéêó OpenVPN êëèåíòà ÷åðåç âåá-ìîðäó + auth-user-pass îïöèþ + êîãäà ïðîèñõîäèò äèñêîííåêò, äîñòóï îñòàåòñÿ òîëüêî ê ñåðâåðó(íàïðèìåð 111.111.111.111) à êî âñåìó îñòàëüíîìó(google.ru)çàêðûâàåòñÿ, LAN ïðè ýòîì äîëæåí îñòàâàòüñÿ.

Çà òàêîå áû, íå ïðîñòî ÿùèê ïèâà, à öåëóþ öèñòåðíó

Ýõ, ìå÷òû.

[Arthur_X]

OpenVPN èñïîëüçóåòñÿ äëÿ îáúåäèíåíèÿ ëîêàëüíûõ ñåòåé ÷åðåç MAN (100Ìáèò) ïðîâàéäåðà.
Õî÷åòñÿ ìàêñèìàëüíîé ïðîïóñêíîé ñïîñîáíîñòè ÷åðåç OpenVPN, äî 70-80Ìáèò/c.
Íà wl500gpv2 ýòî íå ðåàëüíî, óæå òåñòèðîâàë.
Êàêîå æåëåçî èç ASUS`îâ ïîñîâåòóåòå? À ìîæåò íå èç ASUS`îâ?

Çàðàíåå ñïàñèáî.

[avokain]

Âîáùåì çàäà÷à ÷òîáû óäàëåííûé êîìï áûë â îäíîé ëîêàëêå ñ ðîóòåðîì è äîìàøíèìè êîìïàìè
îïåíâïí ñòàâèë ïî ïðèíöèïàì ýòîé ñòàòüè
http://wl500g.info/archive/index.php/t-8880.html

Âñå çàïóñêàåòñÿ âñå êîíåêòèòñÿ, íî íå ïèíãóåòñÿ íè 192.168.1.1 íè äîìàøíèé êîìï. ñ ðîóòåðà è äîìàøíåãî êîìïà òîæå íå ïèíãóåòñÿ óäàëåííûé êîìï

Ïðîáîâàë øàìàíèòü ñ iptables íî ÷åòî íè÷å íå ïîëó÷àåòñÿ , íè÷å â íåì íå ïîíèìàþ ((

Âîò ÷òî ó ìåíÿ â ôàéëå post-firewall

Code:

iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport **** -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport **** -j DNAT --to-destination $4:****
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
iptables -I FORWARD -i br0 -o tap+ -j ACCEPT
iptables -I FORWARD -i tap+ -o br0 -j ACCEPT
iptables -A INPUT -j DROP

Ñòàðòîâûé ñêðèïò:

Code:

#!/bin/sh
#
# Startup script for openvpn server
#

# Make sure IP forwarding is enabled
echo 1 > /proc/sys/net/ipv4/ip_forward

#Insert tun module into kernel
insmod tun


# Start the openvpn daemon - add as many daemons as you want
/opt/sbin/openvpn --daemon --cd /opt/etc/openvpn --config openvpn.conf 

# [EOF]

Êîíôèã ñåðâåðà:

Code:

daemon
port ****
proto tcp
dev tap0

script-security 2

server-bridge 192.168.1.1 255.255.255.0 192.168.1.150 192.168.1.155
push "redirect-gateway"
push "dhcp-option DNS 192.168.1.1"
push "dhcp-option WINS 192.168.1.1"


ca ca.crt
cert server.crt
key server.key
dh dh1024.pem

client-to-client
keepalive 10 120
comp-lzo
max-clients 2
status openvpn-status.log
log openvpn-all.log
verb 3

[AVDEY]

Ïðîáóþ óñòàíîâèòü openvpn â îñíîâíóþ ïàìÿòü íà ðîóòåð RT-N12B1.
Ðàçìåð ðàçäåëà tmpfs íó ñîîòâåòñòâåííî /opt 14.3M.
Óñòàíîâëåííûé ipkg çàíèìàåò 1.3Ì.
uclibc-opt çàíèìàåò 2.6Ì
openvpn 10.9M.
Ñîîòâåòñòâåííî 1.3+2.6+10.9=14.8Ì íå âëàçèò. Íó è ïî èäåå ïðè óñòàíîâêå òðåáóåòñÿ äîïîëíèòåëüíîå ìåñòî äëÿ ðàñïàêîâêè ïàêåòîâ.
Äëÿ îïûòà ïîñòàâèë íà WL520GU ñ ôëåøêîé óñòàíîâèëîñü áåç ïðîáëåì, âñå ðàáîòàåò.
Ñîáñòâåííî âîïðîñ: ÷òî ìîæíî óäàëèòü èç ïàêòà uclibc-opt, èëè êàêèå åñòü âàðèàíòû ÷òî áû óñòàíîâèòü? âåðñèÿ ïðîøèâêè RT-N12B1-1.9.2.7-rtn-r3702.

ïîïðîáóéòå çàïóñê èç áèíàðíèêà ... îòïèøèòåñü ïîòîì î ðåçóëüòàòå ...

À êàêàÿ ðàçíèöà, ñ áèíàðíèêà èëè â ðó÷íóþ êîìàíäû ââîäèòü? Ïîïðîáîâàë, îí âñå ðàâíî çàâèñ, íà ñêà÷êå ïàêåòà ncurses_. ß óñïåøíî ïîäíÿë OpenVPN client íà WL520GU, ñåðâåð çàïóùåí íà UBUNTU server

ýì, íó òîãäà ïðî÷èòàéòå åù¸ ðàç ýòó òåìó ñ ñàìîãî íà÷àëà íóæåí òîëüêî ýòîò áèíàðíèê, îí çàíèìàåò âñåãî 912 K

ïðîñòèòå, äåéñòâèòåëüíî ïðîïóñòèë:

Ñòàòè÷åñêè ñîáðàííûé, íå çàâèñÿùèé îò äîï. áèáëèîòåê çà ïðåäåëàìè ïðîøèâêè...

ïî ýòîìó ãðåøèë íà îòñóòñòâèå áèáëèîòåê. Òåïåðü âñå ïîëó÷èëîñü . Òåïåðü íàäî áóäåò ïðîòåñòèðîâàòü ñêîðîñòü êîòîðóþ ýòîò ðîóòåð ñìîæåò äàòü.

×òî òî ðàíî ÿ ðàäîâàòüñÿ íà÷àë. Ïîäêëþ÷åíèå åñòü, ping õîäèò â ïîäñåòè íî ïðè ïîïûòêå îòêðûòü ðàñøàðåíûé ðåñóðñ èëè http:// ñòðàíèöó ðîóòåð áåçâîçâðàòíî çàâèñàåò, ïîìîãàåò òîëüêî âûêëþ÷åíèå ïèòàíèÿ.
Åñòü êàêèå òî ñîîáðàæåíèÿ èç çà ÷åãî?

[Inmate007]

Íóæåí øëþç äëÿ openvpn, ïîìîãèòå ñ âûáîðîì
Âûáèðàþ èç RT-N10U èëè RT-N12 b/c, äðóãèõ áîëåå ìåíåå âàðèàíòîâ ñîîòíîøåíèÿ öåíà ïðîèçâîäèòåëüíîñòü íå íàøåë.

Ñàìîå ñòðàííîå http://code.google.com/p/wl500g/wiki/Devices
çäåñü óêàçàíà ôëåøêà ó n12b1 8Mb, íà ñàéòå dd-wrt 4Mb.

Ïðîöåññîðû ó íèõ îäèíàêîâûå, USB íå íàäî, 12-ûé äåøåâëå 10-ãî.
Èíòåðåñíî êàê ïîâåäåò ñåáÿ ðàçîãíàííûé rt-n10u, äåøåâûé rt-n10.
â wiki âåðíî ëè óêàçàíî, ÷òî ó RT-N12b1 ïàìÿòü DDR ? Åñëè òàê, òî äóìàþ ëó÷øå RT-N12.

Ñðàâíèë OpenVPN ... DD-WRT, êëèåíòîì, udp, BF-CBC, áåç ñæàòèÿ. Ñåðâåð pfsense.

WNR3500L = 1000Kb/s, 100% CPU openvpn
DIR-320 = 650Kb/s, 100% CPU openvpn
WL-500G V2 = 650Kb/s, 100% CPU openvpn
WR1043ND = 770Kb/s, 50% CPU openvpn (ADSL îãðàíè÷èë ñêîðîñòü)
RT-N13U = 850Kb/s, 70% CPU openvpn (îãðàíè÷åíèå âíåøêè)

------------------------------------
RTFM: Ìàðøðóòèçàòîðû Asus ñ ïðîøèâêîé "îò ýíòóçèàñòîâ"
http://wl500g.info/showthread.php?28...îò-ýíòóçèàñòîâ
http://wl500g.info/showthread.php?28...s-RT-N12-B1-C1

[Hohmach]

Ñàìîå ñòðàííîå http://code.google.com/p/wl500g/wiki/Devices
çäåñü óêàçàíà ôëåøêà ó n12b1 8Mb, íà ñàéòå dd-wrt 4Mb.

4Mb ó rt-n12 a02, ó rt-n12 b1 ôëåø 8Mb

[Inmate007]

4Mb ó rt-n12 a02, ó rt-n12 b1 ôëåø 8Mb

Óæå ðàçîáðàëñÿ ÷òî ó íèõ, ñïàñèáî.

Èñïîëüçîâàë êòî íèáóäü äëÿ OpenVPN rt-n10u, rt-n12b,c, rt-n10 ?
Êàê îíè ïî ïðîèçâîäèòåëüíîñòè?
Íàäåþñü íå õóæå "Broadcom BCM5354 chip rev 3". Îñîáåííî èíòåðåñíî rt-n10(áåç U) ñ åãî 300MHz è öåíîé !

[YVM]

OpenVPN àäìèíû äåéñòâèòåëüíî â îôèñå èñïîëüçîâàòü îòêàçûâàþòñÿ.
Íî ýòî ïîêà åäèíñòâåííîå ïîëíîöåííîå ñîåäèíåíèå íà ñóùåñòâóþùåé ïðîøèâêå ò.ê. IPSec ïîäíÿòü ÿäðî íå ïîçâîëÿåò. Áûëî áû î÷åíü óìåñòíûì â ïðîøèâêå.
Íàñòðîèòü âåáìîðäó ìîæåò ëþáîé ïðîäâèíóòûé þçåð â òåëåôîííîì ðåæèìå, à âîò íàñòðîèòü ÷åðåç SSH...

[ryzhov_al]

Ïîìèìî âîçðàñòàíèÿ ðàçìåðà ïðîøèâêè íà...

Code:

$ ldd /opt/bin/openvpn | awk "{print \$3}" | xargs du -hL
312K    /opt/lib/libssl.so.1.0.0
1,4M    /opt/lib/libcrypto.so.1.0.0
120K    /opt/lib/liblzo2.so.2
...
$ du -hs /opt/bin/openvpn
336K    /opt/bin/openvpn

...íà ~2,2Ìá, åù¸ è íåîáõîäèìî ïðîâåñòè ðàáîòó ïî äîïèëèâàíèþ web-èíòåðôåéñà. Âîçüì¸òåñü ïîìî÷ü?

ÇÛ äðóãèå ïîòåíöèàëüíûå äëÿ âêëþ÷åíèÿ â ïðîøèâêó ïðîãðàììû ïîòðåáóþò âî ôëåøå ñëåäóþùèé îáú¸ì:

• DLNA-ñåðâåð/IPTV ïëåéåð:

Code:

$ ldd /opt/bin/xupnpd  | awk "{print \$3}" | xargs du -hL
196K    /opt/lib/liblua.so.5.1.4
...
$ du -hs /opt/bin/xupnpd
68K     /opt/bin/xupnpd

~260êá äëÿ xupnpd. Î÷åíü ìîæåò áûòü, òàê êàê ó íåãî ñâîé ñîáñòâåííûé web-èíòåðôåéñ,

• torrent-êëèåíò:

Code:

$ ldd /opt/bin/transmission-daemon   | awk "{print \$3}" | xargs du -hL
268K    /opt/lib/libevent-2.0.so.5
40K     /opt/lib/libminiupnpc.so.8
16K     /opt/lib/librt.so.0
304K    /opt/lib/libcurl.so.4
312K    /opt/lib/libssl.so.1.0.0
1,4M    /opt/lib/libcrypto.so.1.0.0
84K     /opt/lib/libz.so.1
...
$ du -hs /opt/share/transmission/
888K    /opt/share/transmission/
$ du -hs /opt/bin/transmission-daemon
412K    /opt/bin/transmission-daemon

~3,8Ìá äëÿ transmission, âêëþ÷àÿ ñîáñòâåííûé web-èíòåðôåéñ.

• çàùèòà îò DNS-ñïóôèíãà:

Code:

$ du -hs /opt/sbin/dnscrypt-proxy
396K    /opt/sbin/dnscrypt-proxy

Äà, è âñ¸ ýòî ïðè óñëîâèè, åñëè ðàçðàáîò÷êè èçìåíÿòü ôèëîñîôèþ ïðîøèâêè â âäðóã íà÷íóò íà÷èíàòü å¸ ñòîðîííèì ñîôòîì.

[DarkForce]

Äîáàâüòå, ïîæàëóéñòà, â âåá-ìîðäó âîçìîæíîñòü ïðèöåïëÿòü OpenVPN ñåðòèôèêàòû.
Ìíîþ, íà ðàáîòå ðîóòåð þçàåòñÿ êàê òî÷êà äëÿ ñîçäàíèÿ è ïîääåðæàíèÿ òóííåëÿ ìåæäó ïîäðàçäåëåíèÿìè, íà äàííûé ìîìåíò OpenVPN íàñòðàèâàåòñÿ ÷åðåç ïîñëåäîâàòåëüíîñòü:
1. Ïåðåïðîøèâêà.
2. Ñáðîñ â äåôîëò.
3. Ïðîøèâêà flashfs.
4. Ïðîøèâêà êîíôèãà.
5. Äîïèëèâàíèå íàñòðîåê ïîäñåòè è ïð.
6. Çàïèõèâàíèå openvpn ñåðòèôèêàòîâ ÷åðåç WinSCP - êàê ðàç íåóäîáíûé ìîìåíò, è ñ íèì áîëüøå âñåãî âîçíè.

PS.  âûøåîïèñàííîì ñëó÷àå OpenVPN ñòàâèòñÿ â îñíîâíóþ ïàìÿòü ðîóòåðà, ñåðòèôèêàòû êëàäóòñÿ â /usr/local/root/vpn (åñòåñòâåííî, ÷òî ëîãèí íà òî÷êó ìåíÿåòñÿ íà root)
Åñëè íåò òàêîé òåõíè÷åñêîé âîçìîæíîñòè, òî îáúÿñíèòå, ïîæàëóéñòà, êàê ìîæíî ñîêðàòèòü çàòðàòû âðåìåíè íà 6 ïóíêò ïóòåì ñêðèïòîâ, èëè èíîé àâòîìàòèçàöèè.

[MercuryV]

Äîáàâüòå, ïîæàëóéñòà, â âåá-ìîðäó ...

ß áû íå ñòàë íà ýòî ðàññ÷èòûâàòü â áëèæàéøåå âðåìÿ, ïî÷èòàòü íà òåìó

6. Çàïèõèâàíèå openvpn ñåðòèôèêàòîâ ÷åðåç WinSCP - êàê ðàç íåóäîáíûé ìîìåíò, è ñ íèì áîëüøå âñåãî âîçíè

à ñ ÷åì èìåííî "âîçüíÿ"? åñëè íå íðàâèòñÿ èìåííî WinSCP êàê GUI ïðèëîæåíèå, ìîæíî âîñïîëüçîâàòüñÿ â ñðåäå Windows êîíñîëüíûì PSCP
Äëÿ ñåáÿ ÿ áû ñäåëàë äàæå òàê, ñêîðåå âñåãî: âðåìåííî ðàçìåñòèë áû ôàéëû ñåðòèôèêàòîâ íà ëþáîì ïîäêîíòðîëüíîì âåá-ñåðâåðå, âî âðåìÿ êîíôèãóðàöèè ðîóòåðà èç òåðìèíàëüíîé ñåññèè ïîìèìî âñåãî ïðî÷åãî âûïîëíèë áû

$ /usr/bin/wget http://àäðåñ_ôàéëà_ñåðòèôèêàòà -P /usr/local/root/vpn

ñåðòèôèêàòû êëàäóòñÿ â /usr/local/root/vpn (åñòåñòâåííî, ÷òî ëîãèí íà òî÷êó ìåíÿåòñÿ íà root)

Ïóñòü ìåíÿ ïîïðàâÿò, åñëè ÿ îøèáàþñü, íî /usr/local/root ñóùåñòâóåò è ïðè ëîãèíå != root

P.S. â ñëó÷àå, åñëè ïîäîáíóþ íàñòðîéêó íåîáõîäèìî äåëàòü îäíîîîáðàçíî äåñÿòêè/ñîòíè ðàç - ìîæåò áûòü ñòîèò ðàññìîòðåòü âàðèàò ñáîðêè êàñòîìíîé ïðîøèâêè? êîòîðàÿ óæå áóäåò ñîäåðæàòü OpenVPN, êîíôèãè è ñåðòèôèêàòû? èìõî, åñëè ðå÷ü èäåò î íàñòðîéêå íåñêîëüêèõ óñòðîéñòâ, òî íåïðèíöèïèàëüíî êàêèì ñïîñîáîì ïåðåäàâàòü ñåðòèôèêàòû.