Last active December 24, 2018 09:13
Revisions
- TimoDJatomika revised this gist Dec 24, 2018. 1 changed file with 3 additions and 3 deletions.
  @@ -2,7 +2,7 @@ by Timo Stankowitz <[email protected]> ## apt ```bash sudo su apt update -y apt install openvpn -y @@ -20,7 +20,7 @@ copy the following files into that folder - server.key (chown 600) - dh2048.pem ## server conf `vi /etc/openvpn/server.conf` copy the following content into that file @@ -65,7 +65,7 @@ log-append /var/log/openvpn ``` ## activate masquerade ```bash #!/bin/bash echo activate MASQUERADE 
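Review bot: In the `## apt` hunk, tagging the block as `bash` invites pasting it as a script, but `sudo su` starts an interactive root shell, so `apt update -y` and `apt install openvpn -y` do not run until that shell exits, and then they run without root. Suggest dropping `sudo su` and writing `sudo apt update` and `sudo apt install openvpn -y`, which also avoids leaving a root shell open for the rest of the setup.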
- TimoDJatomika revised this gist Dec 24, 2018. 1 changed file with 4 additions and 10 deletions.
  @@ -64,25 +64,19 @@ verb 3 log-append /var/log/openvpn ``` ## activate masquerade ``` #!/bin/bash echo activate MASQUERADE iptables -t nat -A POSTROUTING -s 172.28.28.0/24 -o eth0 -j MASQUERADE # enable ip forwarding sysctl -w net.ipv4.ip_forward=1 ``` ## reboot Reboot the server. The OpenVPN Server should start automatically. Verify it with `systemctl status openvpn` 
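Review bot: In the `## activate masquerade` block, both `iptables -t nat -A POSTROUTING ... -j MASQUERADE` and `sysctl -w net.ipv4.ip_forward=1` are runtime-only settings, and the next step is `## reboot`, so as written nothing shown here restores forwarding or the NAT rule after the restart. The section should say where this script is saved and what runs it at boot, or persist the settings instead, for example `net.ipv4.ip_forward=1` in a file under `/etc/sysctl.d/` and the rule saved with `netfilter-persistent save` (with the iptables-persistent package installed).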
- TimoDJatomika revised this gist Dec 23, 2018. 1 changed file with 9 additions and 0 deletions.
  @@ -73,6 +73,15 @@ sysctl -w net.ipv4.ip_forward=1 exit 0 ``` ## activate masquerade ``` #!/bin/bash echo activate MASQUERADE iptables -t nat -A POSTROUTING -s 172.28.28.0/24 -o eth0 -j MASQUERADE ``` ## reboot reboot the server. The OpenVPN Server should start automatically. Verify it with `systemctl status openvpn` 
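Review bot: The added rule hard-codes `-o eth0`; if the server's outbound interface has a different name the rule never matches and client traffic leaves un-NATed or is dropped, so the text should tell the reader to substitute the interface shown by `ip route show default`. Because the rule is added with `-A`, every run of the script appends another copy; guarding it with `iptables -t nat -C POSTROUTING -s 172.28.28.0/24 -o eth0 -j MASQUERADE ||` in front of the append keeps the script idempotent.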
- TimoDJatomika created this gist Dec 23, 2018.
  @@ -0,0 +1,79 @@ # How to install OpenVPN on Ubuntu 18.04 by Timo Stankowitz <[email protected]> ## apt ``` sudo su apt update -y apt install openvpn -y ``` ## certs Use the programm XCA to generate all certs and keys `mkdir /etc/openvpn/certs` copy the following files into that folder - ca.crt - server.crt - server.key (chown 600) - dh2048.pem ## Server conf `vi /etc/openvpn/server.conf` copy the following content into that file ``` port 1194 proto udp dev tun ca /etc/openvpn/certs/ca.crt cert /etc/openvpn/certs/server.crt key /etc/openvpn/certs/server.key dh /etc/openvpn/certs/dh2048.pem server 172.28.28.0 255.255.255.0 push "redirect-gateway def1 bypass-dhcp" client-to-client push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 4.2.2.2" push "topology subnet" topology subnet route 172.28.28.0 255.255.255.0 keepalive 10 120 #comp-lzo user nobody group nogroup persist-key persist-tun status /var/log/openvpn-status.log verb 3 log-append /var/log/openvpn ``` ## /etc/rc.local add the following to the file `/etc/rc.local` ``` #!/bin/sh -e sysctl -w net.ipv4.ip_forward=1 exit 0 ``` ## reboot reboot the server. The OpenVPN Server should start automatically. Verify it with `systemctl status openvpn`
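Review bot: In the `## certs` list, `server.key (chown 600)` names the wrong command: `chown 600` would set the file's owner to UID 600 and leave its mode untouched, so the private key can stay readable by other users; this should read `chmod 600` with the file owned by root. In the `## Server conf` block, `client-to-client` makes OpenVPN forward traffic between clients internally, where the host's iptables rules never see it, so it should be dropped unless clients really need to reach each other.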