openvpn+ samba ?

1. openvpn+ samba ?

anderson
nepsck

(usa CentOS)

Enviado em 11/11/2009 - 12:41h

Bom dia !
alguém sabe com eu faço p fazer com que o openvpn faça a autenticação pelos usuarios do samba, pelo pam eu sei que é com plugin /usr/lib/openvpn-auth-pam.so common-auth. com os usuarios ruwindows nao podem acessar usando o pam, entao gostaria de colocar para rodar com o samba isso é possivel ? como seria feto nesse caso ?

essa é minha configuração do openvpn
############################################################

# Dispositivo utilizado pelo OpenVPN
dev tun

# Define que atuaremos como servidor
mode server
# Indica que o servidor atuará como o
# controlador no canal de comunicação

# durante a conexão TLS
tls-server
# Permite que os clientes conectados ao
# servidor troquem pacotes entre si

client-to-client
# with tls-auth server is value 0 and client is value 1
#tls-auth keys/ta.key 0
dh keys/dh1024.pem

ca keys/ca.crt
cert keys/server.crt
key keys/server.key
duplicate-cn
server 171.171.100.0 255.255.255.0 # IP range clients

ifconfig-pool-persist ipp.txt
# note: initial tests used these, and they worked, but
# the man page hade the two lines above.

#ifconfig 192.168.100.1 192.168.100.2
#ifconfig-pool 192.168.100.5 192.168.100.200 # IP range clients
route-up "route delete -net 171.171.100.0/24"

route-up "route add -net 171.171.100.0/24 tun0"
ush "route 171.171.100.1" # add route to protected network

# the next line tells the client to route all traffic thru the VPN
# you might not want this
#push "redirect-gateway def1"

# if you do not want to route all client traffic thru VPN, do something
like
# the following (uncomment out and edit as needed)

#push "route 10.90.134.0 255.255.255.0"
#push "route 10.0.134.0 255.255.255.0"
#push "route 195.214.241.0 255.255.255.0"

# if you have mobile users, the following can be used:
#push "dhcp-option DOMAIN riseup.net" #push the DNS domain suffix

#push "dhcp-option DNS 10.32.1.14 " #push DNS entries to client
#push "dhcp-option WINS 69.90.134.134 " #push WINS entries to client
port 1194

user nobody
group nogroup
; comp-lzo
ping 60
; ping-restart 45

; ping-timer-rem
persist-tun
persist-key
verb 6
log-append /var/log/openvpn/openvpn.log

status /var/log/openvpn/status.log
plugin /usr/lib/openvpn/openvpn-auth-pam.so common-auth

client-cert-not-required

##############################
desde ja fico grato


  






Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts