cdwilson · July 7, 2012 21:49 · Jul 8, 2012 · Jul 8, 2012 · Jul 8, 2012 · Jul 8, 2012
diff --git a/setup_bridged_vpn.sh b/setup_bridged_vpn.sh
@@ -59,7 +59,7 @@ sudo gzip -d /etc/openvpn/server.conf.gz
 # ;server 10.8.0.0 255.255.255.0
 # server-bridge 10.0.1.204 255.255.255.0 10.0.1.50 10.0.1.99
 
-# initially, i wasn't able to connect because I hadn't specified "script-security 2"
+# FYI, initially, i wasn't able to connect because I hadn't specified "script-security 2"
 # inspecting /var/log/syslog revealed: 
 #   NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
 #   ...
@@ -79,4 +79,6 @@ sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/ope
 # key client1.key
 
 # start openvpn on the server
-sudo service openvpn start
+sudo service openvpn start
+
+# install the client.conf and keys on the client, and connect!
diff --git a/setup_bridged_vpn.sh b/setup_bridged_vpn.sh
@@ -62,7 +62,7 @@ sudo gzip -d /etc/openvpn/server.conf.gz
 # initially, i wasn't able to connect because I hadn't specified "script-security 2"
 # inspecting /var/log/syslog revealed: 
 #   NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
-#  ...
+#   ...
 #   WARNING: External program may not be called unless '--script-security 2' or higher is enabled.  Use '--script-security 3 system' for backward compatibility with 2.1_rc8 and earlier.  See --help text or man page for detailed info.
 #   WARNING: Failed running command (--up/--down): external program fork failed
 #   Exiting

diff --git a/setup_bridged_vpn.sh b/setup_bridged_vpn.sh
@@ -7,17 +7,19 @@
 # don't actually run this as a script
 exit 0
 
+# setup airport to port forward 1194 to OpenVPN server
+
 sudo apt-get -y install openvpn bridge-utils
 
 sudo mkdir /etc/openvpn/easy-rsa/
 sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
 
-# edit /etc/openvpn/easy-rsa/vars adjusting the following to your environment
+# edit /etc/openvpn/easy-rsa/vars:
 # export KEY_COUNTRY="US"
-# export KEY_PROVINCE="CA"
-# export KEY_CITY="San Diego"
-# export KEY_ORG="cdwilson.us"
-# export KEY_EMAIL="[email protected]"
+# export KEY_PROVINCE="NC"
+# export KEY_CITY="Winston-Salem"
+# export KEY_ORG="Example Company"
+# export KEY_EMAIL="[email protected]"
 
 # CA
 cd /etc/openvpn/easy-rsa/
@@ -46,7 +48,7 @@ source vars
 sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
 sudo gzip -d /etc/openvpn/server.conf.gz
 # edit /etc/openvpn/server.conf:
-# script-security 3
+# script-security 2
 # dev tap
 # ;dev tun
 # up "/etc/openvpn/up.sh br0 eth0"
@@ -57,4 +59,24 @@ sudo gzip -d /etc/openvpn/server.conf.gz
 # ;server 10.8.0.0 255.255.255.0
 # server-bridge 10.0.1.204 255.255.255.0 10.0.1.50 10.0.1.99
 
+# initially, i wasn't able to connect because I hadn't specified "script-security 2"
+# inspecting /var/log/syslog revealed: 
+#   NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
+#  ...
+#   WARNING: External program may not be called unless '--script-security 2' or higher is enabled.  Use '--script-security 3 system' for backward compatibility with 2.1_rc8 and earlier.  See --help text or man page for detailed info.
+#   WARNING: Failed running command (--up/--down): external program fork failed
+#   Exiting
+
+# client config
+# install openvpn client on OSX, http://code.google.com/p/tunnelblick/
+sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/
+# edit /etc/openvpn/client.conf:
+# dev tap
+# ;dev tun
+# remote vpn.cdwilson.us 1194
+# ca ca.crt
+# cert client1.crt
+# key client1.key
 
+# start openvpn on the server
+sudo service openvpn start
diff --git a/setup_bridged_vpn.sh b/setup_bridged_vpn.sh
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+# Ubuntu 12.04
+
+# https://help.ubuntu.com/12.04/serverguide/openvpn.html
+
+# don't actually run this as a script
+exit 0
+
+sudo apt-get -y install openvpn bridge-utils
+
+sudo mkdir /etc/openvpn/easy-rsa/
+sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
+
+# edit /etc/openvpn/easy-rsa/vars adjusting the following to your environment
+# export KEY_COUNTRY="US"
+# export KEY_PROVINCE="CA"
+# export KEY_CITY="San Diego"
+# export KEY_ORG="cdwilson.us"
+# export KEY_EMAIL="[email protected]"
+
+# CA
+cd /etc/openvpn/easy-rsa/
+# whichopensslcnf was broken so I had to hard code:
+# export KEY_CONFIG="$EASY_RSA/openssl-1.0.0.cnf"
+source vars
+./clean-all
+./build-ca
+
+# server certs
+./build-key-server server
+./build-dh
+cd keys/
+cp server.crt server.key ca.crt dh1024.pem /etc/openvpn/
+
+# client certs
+cd /etc/openvpn/easy-rsa/
+source vars
+./build-key client1
+# copy the following files to the client using a secure method:
+#    /etc/openvpn/ca.crt
+#    /etc/openvpn/easy-rsa/keys/client1.crt
+#    /etc/openvpn/easy-rsa/keys/client1.key
+
+# server config
+sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
+sudo gzip -d /etc/openvpn/server.conf.gz
+# edit /etc/openvpn/server.conf:
+# script-security 3
+# dev tap
+# ;dev tun
+# up "/etc/openvpn/up.sh br0 eth0"
+# ca ca.crt
+# cert server.crt
+# key server.key 
+# dh dh1024.pem
+# ;server 10.8.0.0 255.255.255.0
+# server-bridge 10.0.1.204 255.255.255.0 10.0.1.50 10.0.1.99
+
+
diff --git a/setup_vpn.sh b/setup_vpn.sh
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Ubuntu 12.04
-
-# https://help.ubuntu.com/12.04/serverguide/openvpn.html
-
-sudo apt-get -y install openvpn

diff --git a/setup_vpn.sh b/setup_vpn.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Ubuntu 12.04
+
+# https://help.ubuntu.com/12.04/serverguide/openvpn.html
+
+sudo apt-get -y install openvpn
No results found