LaGiPusHinGWitH ----- IT
About This Site
Teknologi Informasi sangatlah penting untuk menunjang kemajuan ilmu pengetahuan di Indonesia pada khususnya. Dan ini semua haruslah ditunjang dengan kemampuan yang sepadan dengan kemajuan teknologi itu sendiri, terlebih untuk para praktisi IT itu sendiri. Akhir kata "Selamat berkarya" untuk kita semua. koy^k^guy^ - Owner
Navigation
Home |
Calendar
| September 2007 | ||||||
|---|---|---|---|---|---|---|
| S | M | T | W | T | F | S |
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | ||||||
Categories
Monthly Archives
- September 2010
- October 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- March 2008
- December 2007
- October 2007
- September 2007
- August 2007
Most recent entries
- Create Oracle Tablespace on SAP with BRTools
- Audit on Oracle Database
- Membuat Oracle Data Guard
- Cerita Tentang Kamu
- Membuat ulang/re-create controlfile di oracle
- Membuat RMAN dengan crontab
- Saat kau hadir kembali
- Memindahkan controlfile dan redologfile pada Oracle
- Oracle Dataguard on Standart Edition
- Adakah aku dihatimu
- Instalasi 10g di HP-UX Itanium
- Instalasi OpenOffice di Slackware 12
- Syncronize archive log
- Merubah ukuran archived Log
- Alter Block Size for tablespace
Syndicate
Site Statistics
This page has been viewed 256149 times
Page rendered in 0.3240 seconds
37 queries executed
Debug mode is on
Total Entries: 61
Total Comments: 17
Total Trackbacks: 42607
Most Recent Entry: 09/28/2010 09:19 pm
Most Recent Comment on: 09/28/2010 09:51 pm
Total Members: 1
Total Logged in members: 0
Total guests: 5
Total anonymous users: 0
Most Recent Visitor on: 02/06/2012 02:52 am
The most visitors ever was 269 on 05/28/2011 03:07 pm
Site Credits
Powered by:
ExpressionEngine
Design by:
BlogMoxie
Akhirnya selesai juga saya membangun VPN Server dikantor, dan seperti biasanya artikel ini saya tulis sebagai referensi buat saya sendiri.
OK, langsung saja...saya menggunakan Slackware R12 sebagai servernya dan menggunakan OpenVPN-1.6.0
root@slackware:/usr/local/openvpn/openvpn-1.6.0# tar -zxvf openvpn-1.6.0.tar.gz
root@slackware:/usr/local/openvpn/openvpn-1.6.0# cd openvpn-1.6.0
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./configure
root@slackware:/usr/local/openvpn/openvpn-1.6.0# make
root@slackware:/usr/local/openvpn/openvpn-1.6.0# make install
LOOPBACK TESTS (after BUILD):
Test Crypto:
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./openvpn --genkey --secret key
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./openvpn --test-crypto --secret key
-------------------------- potong ------------------------------------------
Mon Sep 24 14:50:24 2007 1293: TESTING ENCRYPT/DECRYPT of packet length=1292
Mon Sep 24 14:50:24 2007 1294: TESTING ENCRYPT/DECRYPT of packet length=1293
Mon Sep 24 14:50:24 2007 1295: TESTING ENCRYPT/DECRYPT of packet length=1294
Mon Sep 24 14:50:24 2007 1296: TESTING ENCRYPT/DECRYPT of packet length=1295
Mon Sep 24 14:50:24 2007 1297: TESTING ENCRYPT/DECRYPT of packet length=1296
Mon Sep 24 14:50:24 2007 1298: TESTING ENCRYPT/DECRYPT of packet length=1297
Mon Sep 24 14:50:24 2007 1299: TESTING ENCRYPT/DECRYPT of packet length=1298
Mon Sep 24 14:50:24 2007 1300: TESTING ENCRYPT/DECRYPT of packet length=1299
Mon Sep 24 14:50:24 2007 1301: TESTING ENCRYPT/DECRYPT of packet length=1300
Mon Sep 24 14:50:24 2007 1302: OpenVPN crypto self-test mode SUCCEEDED.
Test SSL/TLS negotiations (runs for 2 minutes):
./openvpn --config sample-config-files/loopback-server (Simultaneously in another window)
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./openvpn --config sample-config-files/loopback-server
Mon Sep 24 14:51:05 2007 0: OpenVPN 1.6.0 i686-pc-linux-gnu [SSL] built on Sep 14 2007
Mon Sep 24 14:51:05 2007 1: Diffie-Hellman initialized with 1024 bit key
Mon Sep 24 14:51:05 2007 2: WARNING: file ‘sample-keys/server.key’ is group or others accessible
Mon Sep 24 14:51:05 2007 3: Control Channel MTU parms [ L:1341 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Sep 24 14:51:05 2007 4: Data Channel MTU parms [ L:1341 D:1341 EF:41 EB:0 ET:0 EL:0 ]
Mon Sep 24 14:51:05 2007 5: Local Options hash (VER=V3): ‘4e46f95f’
Mon Sep 24 14:51:05 2007 6: Expected Remote Options hash (VER=V3): ‘c2e6d23e’
Mon Sep 24 14:51:05 2007 7: UDPv4 link local (bound): 127.0.0.1:16000
Mon Sep 24 14:51:05 2007 8: UDPv4 link remote: 127.0.0.1:16001
./openvpn --config sample-config-files/loopback-client (In one window)
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./openvpn --config sample-config-files/loopback-client
Mon Sep 24 14:57:51 2007 0: OpenVPN 1.6.0 i686-pc-linux-gnu [SSL] built on Sep 14 2007
Mon Sep 24 14:57:51 2007 1: WARNING: file ‘sample-keys/client.key’ is group or others accessible
Mon Sep 24 14:57:51 2007 2: Control Channel MTU parms [ L:1341 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Sep 24 14:57:51 2007 3: Data Channel MTU parms [ L:1341 D:1341 EF:41 EB:0 ET:0 EL:0 ]
Mon Sep 24 14:57:51 2007 4: Local Options hash (VER=V3): ‘c2e6d23e’
Mon Sep 24 14:57:51 2007 5: Expected Remote Options hash (VER=V3): ‘4e46f95f’
Mon Sep 24 14:57:51 2007 6: UDPv4 link local (bound): 127.0.0.1:16001
Mon Sep 24 14:57:51 2007 7: UDPv4 link remote: 127.0.0.1:16000
# Proses instalasi selesai, sekarang kita buat key untuk vpn server kita, Lakukan seperti dibawah ( contoh key: roninmorgue.key )
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./openvpn --genkey --secret roninmorgue.key
Comand di atas akan membuat sebuah file bernama roninmorgue.key , dimana isi file nya berisikan configurasi key dari openvpn yang kita install.
akan terlihat apabila kita mengetikan # ls -la
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ls -la
-rw-r--r-- 1 root root 31644 2007-09-14 00:34 reliable.o
-rw------- 1 root root 636 2007-09-24 15:27 roninmorgue.key
root@slackware:/usr/local/openvpn/openvpn-1.6.0# vi roninmorgue.key
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
80c7e35b05b073621e79129ee413b550
2b5bedaa0096e3bde8017bba1f4b828a
eeed64ec71bc1b236fd89c363516f72f
cab7019a69ad5c37cb8cf5c15d7c7978
5abeb172d402b16af6d7257177a6faa2
4a4b9f48a85f5a8826f7d9ccb9e80d99
777ee7a4bc84bb7a40a74be58af09479
e1cc9cf79dd13184f2b9d5b897b35a24
ee93f66da88d06d16f6b0f6e7c2015dd
dd686712764c5d0432d86c726bc145e9
db61cf640811ec02174b7116bdfa6332
464a592df008be8c877ac575587c6306
d5054af7dc0dc8dfdaea10221a5f5725
d14d0427c66b4d92ac43be3669559d28
6e613a01758fd1515e66768b2b07d3ce
10751e70b14e6b9c71bbc34c13ddebea
-----END OpenVPN Static key V1-----
# Selanjutnya kita buat file openvpn.conf , yang akan berisi configurasi dari server openvpn kita.
root@slackware:/usr/local/openvpn/openvpn-1.6.0# vi openvpn.conf
----------begin openvpn.conf-----------
dev tun
ifconfig 202.152.28.237 202.152.28.238
secret roninmorgue.key
----------eof openvpn.conf-------------
# Sekarang kita akan meng-aktifkan openvpn, disini diperlukan dev tun, kalau di freebsd tun sudah ada sejak kita menginstall freebsd. Sedangkan dilinux terkadang hanya berupa librarynya aja. Jadi kita perlu membuat direktori /dev/net
root@slackware:/usr/local/openvpn/openvpn-1.6.0# mkdir /dev/net
root@slackware:/usr/local/openvpn/openvpn-1.6.0# cd /dev/net
TUN/TAP Driver Configuration:
* Linux 2.4 or higher (with integrated TUN/TAP driver):
(1) make device node: mknod /dev/net/tun c 10 200
(2a) add to /etc/modules.conf: alias char-major-10-200 tun
(2b) load driver: modprobe tun
(3) enable routing: echo 1 > /proc/sys/net/ipv4/ip_forward
root@slackware:/usr/local/openvpn/openvpn-1.6.0# mknod /dev/net/tun c 10 200
root@slackware:/usr/local/openvpn/openvpn-1.6.0# modprobe tun
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ./openvpn --config openvpn.conf
Mon Sep 24 16:16:26 2007 0: OpenVPN 1.6.0 i686-pc-linux-gnu [SSL] built on Sep 14 2007
Mon Sep 24 16:16:26 2007 1: TUN/TAP device tun0 opened
Mon Sep 24 16:16:26 2007 2: /sbin/ifconfig tun0 202.152.28.237 pointopoint 202.152.28.238 mtu 1256
Mon Sep 24 16:16:26 2007 3: UDPv4 link local (bound): [undef]:5000
Mon Sep 24 16:16:26 2007 4: UDPv4 link remote: [undef]
Sekarang VPN server kita telah berjalan. 
sebagai pembuktian kita lakukan pemeriksaan -->
root@slackware:/usr/local/openvpn/openvpn-1.6.0# ifconfig
eth0 Link encap:Ethernet HWaddr 00:11:5B:A1:CA:E9
inet addr:202.151.28.153 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::211:5bff:fea1:cae9/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1240 (1.2 KiB) TX bytes:3962 (3.8 KiB)
Interrupt:16 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:40 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2240 (2.1 KiB) TX bytes:2240 (2.1 KiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:202.152.28.237 P-t-P:202.152.28.238 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1256 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
OK...tun0 sudah aktif....
Insya Allah untuk pembuatan sertifikat RSA dan VPN Client-nya segera menyusul....kalau sekarang kepanjangan..
Computer Unix • (0) Comments • (524) Trackbacks • Permalink
Tutorial ini saya tulis setelah saya berhasil membangun web server di kantor saya (Menggunakan RHELAS 3).
Adapun kebutuhan dari web server tersebut adalah dapat berkomunikasi dengan database Oracle (Oracle 10g)
(pada mesin yang berbeda/remote) dan MySQL(lokal mesin), serta PHP sebagai bahasa pemrograman web-nya.
Berdasarkan kebutuhan tersebut maka Software yang digunakan adalah:
1. ZendCoreForOracle-v2.0.1-Linux-x86.tar.gz
2. oracle-instantclient-basic-10.2.0.3-1.i386.rpm
3. oracle-instantclient-devel-10.2.0.3-1.i386.rpm
4. mysql-5.0.45-linux-i686-glibc23.tar.gz
5. phpMyAdmin-2.11.0-rc1-all-languages.tar.bz2
Langkah-langkah :
Instalasi ZendCoreForOracle
1. Login sebagai root pada shell anda dan extract ZendCoreForOracle
[root@webserver gunawan]# gunzip /home/gunawan/ZendCoreForOracle-v2.0.1-Linux-x86.tar.gz | tar xvf -
2. Masuk kedalam direktori hasil extract
[root@webserver gunawan]# cd ZendCoreForOracle-v2.0.1-Linux-x86
3. Jalankan script instalasi
[root@webserver gunawan]# ./install
4. Saat Wizard Instalasi berjalan, ikuti semua petunjuknya sampai instalasi selesai.
5. Untuk mengakses/melakukan konfigurasi ZendCore dapat menggunakan web based
http://alamat_host:port/ZendCore
Instalasi oracle-instantclient-basic dan oracle-instantclient-devel
1. Login sebagai root
[root@webserver gunawan]# rpm -Uvh oracle-instantclient-basic-10.2.0.3-1.i386.rpm
[root@webserver gunawan]# rpm -Uvh oracle-instantclient-devel-10.2.0.3-1.i386.rpm
Instalasi dan konfigurasi mysql-5.0.45
1. login sebagai root dan buat group mysql untuk menjalankan aplikasi:
[root@webserver /]# ./usr/sbin/groupadd mysql
2. Buat user mysql untuk menjalankan aplikasi
[root@webserver /]# ./usr/sbin/useradd -g mysql mysql
3. Extract file mysql-5.0.45-linux
[root@webserver local]# gunzip /home/gunawan/mysql-5.0.45-linux-i686-glibc23.tar.gz | tar xvf -
4. Buat link file
[root@webserver local]# ln -s /home/gunawan/mysql-5.0.45-linux-i686-glibc23 mysql
[root@webserver local]# cd mysql
5. Rubah kepemilikan user
[root@webserver mysql]# chown -R mysql .
6. Rubah kepemilikan group
[root@webserver mysql]# chgrp -R mysql .
7. Jalankan script untuk mengaktifkan mysql
[root@webserver mysql]# scripts/mysql_install_db --user=mysql
Neither host ‘webserver’ nor ‘localhost’ could be looked up with ./bin/resolveip
Please configure the ‘hostname’ command to return a correct hostname.
If you want to solve this at a later stage, restart this script with the --force option
[root@webserver mysql]# scripts/mysql_install_db --force --user=mysql
Installing MySQL system tables…
OK
Filling help tables…
OK
Setelah semuanya di install, kita harus melakukan testing
[root@webserver mysql]# ./support-files/mysql.server status
MySQL running (7585) [ OK ]
8. Agar mysql dijalankan pada saat server/mesin berjalan lakukan konfigurasi pada file /etc/rc.local
[root@webserver mysql]# vi /etc/rc.local
—sesuaikan path-nya dengan direktori instalasi anda
./home/gunawan/mysql-5.0.45-linux-i686-glibc23/bin/mysqld_safe --user=mysql &
Instalasi phpMyAdmin-2.11.0
1. Login sebagai root dan extract phpMyAdmin-2.11.0-rc1-all-languages.tar.bz2
2. Pindahkan direktory phpMyAdmin-2.11.0-rc1-all-languages ke direktory web root
[root@webserver gunawan]# mv ./phpMyAdmin-2.11.0-rc1-all-languages ./usr/local/Zend/apache2/htdocs/phpMyadmin
Konfigurasi phpMyadmin
1. <?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* phpMyAdmin sample configuration, you can use it as base for
* manual configuration. For easier setup you can use scripts/setup.php
*
* All directives are explained in Documentation.html and on phpMyAdmin
* wiki <http://wiki.cihar.com>.
*
* @version $Id: config.sample.inc.php 10142 2007-03-20 10:32:13Z cybot_tm $
*/
/*
* This is needed for cookie based authentication to encrypt password in
* cookie
*/
$cfg['blowfish_secret'] = 'k4t4r4h4514k4mupuny4'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/*
* Servers configuration
*/
$i = 0;
/*
* First server
*/
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = '127.0.0.1'; // sesuaikan dengan nama host lokal anda
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
/* Select mysqli if your server has it */
$cfg['Servers'][$i]['extension'] = 'mysql';
/* User for advanced features */
// $cfg['Servers'][$i]['controluser'] = 'pma';
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
/* Advanced phpMyAdmin features */
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
// $cfg['Servers'][$i]['relation'] = 'pma_relation';
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
// $cfg['Servers'][$i]['history'] = 'pma_history';
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
/*
* End of servers configuration
*/
/*
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
?>
2. Berikan password untuk user root pada database
[root@webserver bin]# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7 to server version: 5.0.45
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
mysql> UPDATE mysql.user SET Password = PASSWORD(’passwordrootanda’) WHERE User = ‘root’;
Query OK, 3 rows affected (0.10 sec)
Rows matched: 3 Changed: 3 Warnings: 0
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.02 sec)
mysql> select host,user from mysql.user;
+-----------+------+
| host | user |
+-----------+------+
| 127.0.0.1 | root |
| localhost | root |
| webserver | root |
+-----------+------+
3 rows in set (0.02 sec)
mysql> select host,user,password from mysql.user;
+-----------+------+-------------------------------------------+
| host | user | password |
+-----------+------+-------------------------------------------+
| localhost | root | *89045956ED##############EDIT############ |
| webserver | root | *89045956ED##############EDIT############ |
| 127.0.0.1 | root | *89045956ED##############EDIT############ |
+-----------+------+-------------------------------------------+
3 rows in set (0.00 sec)
mysql>
Terakhir kita lakukan perubahan kepemilikan user pada direktori /htdocs
[root@webserver gunawan]# chown -R gunawan /usr/local/Zend/apache2/htdocs
Computer Unix • (0) Comments • (282) Trackbacks • Permalink