NFS + VPN on ubuntu and debian

yang dibutuhkan :

-OpenVPN

-NFS(Network File System)

Server : virtual box (ubuntu server 12.04)

Client : os asli (kali linux)

Yang kita lakukan pertama adalah konfigutasi OpenVPN

Cara Menginstall OpenVPN

Server

1.sudo su

Screenshot from 2013-11-15 16:30:12

2. apt-get install openvpn

Screenshot from 2013-11-15 16:30:50

3.cd /etc/openvpn

Screenshot from 2013-11-15 16:31:28

4.mkdir easy-rsa

Screenshot from 2013-11-15 16:32:26

Selanjutnya kita mengcopy file config

2. cp -r /usr/share/doc/openvpn/examples/easy-rsa/1.0/* /etc/openvpn/easy-rsa (bisa menggunakan 1.0 atau 2.0 pilih yg sesuai dengan openssl)

Screenshot from 2013-11-15 16:33:31

3.cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/

Screenshot from 2013-11-15 16:38:00

4. gzip -d /etc/openvpn/server.conf.gz

Screenshot from 2013-11-15 16:38:37

Selanjutknya kita membuat sertifikat untuk server dan client

5.cd /etc/openvpn/easy-rsa/

Screenshot from 2013-11-15 16:39:21

6.source vars

Screenshot from 2013-11-15 16:39:42

7. ./clean-all

Screenshot from 2013-11-15 16:52:19

8. ./build-ca

nanti akan di suruh informasi sebagai berikut kalau gk mau pusing isi aja yang Common Name

Screenshot from 2013-11-15 16:53:08

9. ./build-key-server server

yang ini Common Namenya di isi server

Screenshot from 2013-11-15 16:54:13

Screenshot from 2013-11-15 16:54:44

10. ./build-dh

Screenshot from 2013-11-15 17:02:59

11. ./build-key client

Common Name isi sesuai dengan nama client misalnya client

Screenshot from 2013-11-15 17:01:39

12.mkdir /etc/openvpn/keys

Screenshot from 2013-11-15 17:41:18

12. cp /etc/openvpn/easy-rsa/keys/* /etc/openvpn/keys/

Screenshot from 2013-11-15 17:41:48

14.cd /etc/openvpn

Screenshot from 2013-11-15 18:04:04

13. nano /etc/openvpn/server.conf

hapus semua isi file dan isi dengan

port 1194 # port yang dibuka
proto udp # pilih udp atau TCP , klo TCP bisa under proxy
dev tun # interfaces yang akan digunakan
ca /etc/openvpn/keys/ca.crt # lokasi sertifikat ca.crt
cert /etc/openvpn/keys/server.crt # lokasi sertifikat server.crt
key /etc/openvpn/keys/server.key # lokasi server.key
dh /etc/openvpn/keys/dh1024.pem # lokasi dh1024.pem
server 10.8.0.0 255.255.255.0 # alokasi nomer IP client/server
ifconfig-pool-persist ipp.txt # supaya alokasi IP client tdk berubah2
keepalive 10 120 # waktu yang di inginkan untuk mengecheck koneksi
comp-lzo # sistem kompresi (wajib aktif di client maupun di server)
persist-key 
persist-tun 
status server-tcp.log
verb 3

Screenshot from 2013-11-15 17:40:31

untuk mengecheck bila ada kesalahan atau tidak

14. openvpn – -config server.conf

Screenshot from 2013-11-15 18:04:18

sekarang start openvpnnnya

15.service openvpn start

Screenshot from 2013-11-15 18:04:46

kemudian check interfaces bila sudah ada tun0 berarti server berjalan

16.ifconfig

Screenshot from 2013-11-15 18:05:07

kemudian buat file tar dari keys untuk client

17. tar -czvf keys.tar.gz keys/

Screenshot from 2013-11-15 18:05:45

kemudian kirim ke client

18.scp -r keys.tar.gz renardy@192.168.7.126:/home/renardy/

Screenshot from 2013-11-15 18:09:00

Client

1. su

Screenshot from 2013-11-15 18:14:23

1. apt-get install openvpn

Screenshot from 2013-11-15 18:13:23

2.mv /home/renardy/keys.tar.gz /etc/openvpn

Screenshot from 2013-11-16 17:04:18

3. cd /etc/openvpn/

Screenshot from 2013-11-15 18:13:49

4.tar -xvf keys.tar.gz

Screenshot from 2013-11-15 18:14:49

5.nano client.conf

kemudian isi dengan

client # menyatakan bahwa ini adalah konfigurasi client
dev tun # menggunakan tun, sesuai servernya tadi
proto udp # menggunakan protokol udp sesuai server tadi
remote x.x.x.x 9999 # IP openvpn dan port sesuai dengan server tadi
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/keys/ca.crt # lokasi ca.crt
cert /etc/openvpn/keys/client.crt # lokasi client.crt
key /etc/openvpn/keys/client.key # lokasi client.key
comp-lzo # menggunakan kompresi sesuai servernya
verb 3

Screenshot from 2013-11-15 18:17:19

kemudian check dengan

6.openvpn – -config client.conf

Screenshot from 2013-11-15 18:37:51

kemudian jalankan openvpn

7.service openvpn start

Screenshot from 2013-11-15 18:38:12

check interfaces jika tun0 sudah berjalan maka openvpn berhasil

8.ifconfig

Screenshot from 2013-11-15 18:39:28

coba ping ke ip server

9.ping 10.8.0.1

Screenshot from 2013-11-15 18:40:40

Okey OpenVPN sudah connect sekarang kita konfigurasi NFSnya (Network File System)

Konfigurasi :

Untuk server

1.sudo su

Screenshot from 2013-11-09 18:10:12

2.apt-get install  nfs-kernel-server portmap

Screenshot from 2013-11-09 18:13:30

3.mkdir /var/nfs

Screenshot from 2013-11-09 18:14:10

4.chown nobody:nogroup /var/nfs

Screenshot from 2013-11-09 18:30:12

5.nano /etc/exports

Screenshot from 2013-11-09 18:14:45
Dan tambahkan command ini di paling bawah 
/home           x.x.x.x(rw,sync,no_root_squash,no_subtree_check)
/var/nfs        x.x.x.x(rw,sync,no_subtree_check)

Screenshot from 2013-11-15 18:42:13

6.exports -a

Screenshot from 2013-11-09 18:15:40

Untuk client

1.sudo su

Screenshot from 2013-11-09 18:16:32

2.apt-get install nfs-common portmap

Screenshot from 2013-11-09 18:16:13

3.mkdir -p /mnt/nfs/home

Screenshot from 2013-11-09 18:17:06

4.mkdir -p /mnt/nfs/var/nfs

Screenshot from 2013-11-09 18:17:23

5.mount 10.8.0.1:/home /mnt/nfs/home

Screenshot from 2013-11-15 18:54:45

6.mount 10.8.0.1:/var/nfs /mnt/nfs/var/nfs

Screenshot from 2013-11-15 19:09:01

7.df -h

Screenshot from 2013-11-15 19:10:36

8.mount

Screenshot from 2013-11-15 19:10:50

9.touch /mnt/nfs/home/test /mnt/nfs/var/nfs/ok

Screenshot from 2013-11-15 19:07:30

Kembali ke server

10.ls /home

Screenshot from 2013-11-15 19:14:04

11.ls /var/nfs

Screenshot from 2013-11-15 19:15:39

Kembali ke client

12.nano /etc/fstab

Dan tambahkan command ini di paling bawah
10.8.0.1:/home /mnt/nfs/home nfs auto,noatime,nolock,bg,nfsvers=3,intr,tcp,actimeo=1800 0 0
10.8.0.1:/var/nfs /mnt/nfs/var/nfs nfs auto,noatime,nolock,bg,nfsvers=3,intr,tcp,actimeo=1800 0 0

Screenshot from 2013-11-15 19:16:27

Selamat NFS+VPN telah berjalan ^^ dan jangan lupa ketika mau mematikan pc di umount dulu biar gk error ^^

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: