User Tools

Site Tools


openvpn

Installation on Ubuntu Server

apt-get install openvpn

Installation on Debian Server

tee /etc/apt/sources.list.d/backports.list << EOF
deb http://ftp.us.debian.org/debian wheezy-backports main
EOF
apt-get update; apt-get -t wheezy-backports install openvpn -y

CA Configuration

cp -r /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn/
cd /etc/openvpn/easy-rsa/2.0
source vars
./clean-all
./build-ca
./build-dh

Server Configuration

On CA:

cd /etc/openvpn/easy-rsa/2.0
source vars
./build-key-server <servername>

Then copy these files to the target server:

/etc/openvpn/easy-rsa/2.0/keys/ca.crt
/etc/openvpn/easy-rsa/2.0/keys/servername.crt
/etc/openvpn/easy-rsa/2.0/keys/servername.key
/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem 

Server Configuration File Example

local <ServerIP> # Optional
port 8080
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem 
ifconfig-pool-persist ipp.txt
server 10.168.1.0 255.255.255.0
push "redirect-gateway"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
client-to-client
keepalive 20 60
comp-lzo
max-clients 50
persist-key
persist-tun
status openvpn-status.log
log-append openvpn.log
verb 3
mute 20

Server Restart

service openvpn restart

Note: Set up NAT correctly before trying it :D

References:

openvpn.txt · Last modified: 2017/01/05 06:19 by felixonmars