====== Remote access com o OpenVPN ======

===== Cenário =====

{{:vpn-spo.jpg|}}

===== Passo 1 - Criar a Autoridade de certificação (Certificate authority - CA) =====

  * **System > Cert. Manager > CAs > Add**

{{:ca-tela-1.png|}}

{{:ca-tela-2.png|}}

===== Passo 2 - Criar o sertificado =====

  * **System > Cert. Manager > Certificates > Add/Sing**

{{:cert-t1.png|}}

{{:cert-t2.png|}}

===== Passo 3 - Criar a VPN =====

  * **VPN > OpenVPN >Servers > Add**

{{:vpn-t1.png|}}

{{:vpn-t2.png|}}

{{:vpn-t3.png|}}

{{:vpn-t4.png|}}

{{:vpn-t5.png|}}

{{:vpn-t6.png|}}

{{:vpn-t7.png|}}

===== Passo 4 - Criar regras de firewall =====
  * **Fireall > Aliases > Ports -> Add
**
{{:fw_aliases.png|}}

  * **Firewall > Rules > WAN_CENTURY_LINK -> Add**

{{:fw_rule_vpn_discar.png|}}

  * **Fireall > Aliases > IP -> Add**
{{:fw_aliases_net_vpn.png|}}

* **Firewall > Rules > OpenVPN -> Add**

{{:fw_rule_openvpn.png|}}

===== Passo 5 - Exportar a configuração do OpenVPN para os usuários =====

  * **System -> Package Manager -> Available Packages**

Procure e instale o aplicativo ''openvpn-client-export''

  * **VPN -> OpenVPN -> Client Export**