Open VPN Install 24.04LTS: Difference between revisions
Jump to navigation
Jump to search
(Created page with " apt install openvpn copy back the etc files from the openvpn backup including all the RSA params etc. systemctl enable openvpn@solaris systemctl enable openvpn@solarisgaming service openvpn start Add a static route on the main router so the OpenVPN traffic can route for the 10. network <pre> Network Subnet mask Gateway 10.3.0.0 255.255.255.0 192.168.3.200 </pre> Make sure the OpenVPN server has IP forwarding turned on. nano /etc/sysctl.d/localforwarding...") |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
apt install openvpn | apt install openvpn easy-rsa | ||
copy back the etc files from the openvpn backup including all the RSA params etc. | Setup easyRSA | ||
make-cadir /etc/openvpn/easy-rsa | |||
Create the keystore / CA | |||
./easyrsa init-pki | |||
./easyrsa build-ca | |||
This creates the PKI directory in which we will copy back our exiting keys / certs | |||
copy our config file back. | |||
Copy back the etc files from the openvpn backup including all the RSA params etc. | |||
It should look like this for socttworldgaming.conf | |||
<pre> | |||
; Thia allows internal to internal with Internet traffice split to direct. | |||
port 1195 | |||
proto udp4 | |||
dev tap | |||
tls-server | |||
ca /etc/openvpn/easy-rsa/pki/ca.crt | |||
cert /etc/openvpn/easy-rsa/pki/solaris.crt | |||
key /etc/openvpn/easy-rsa/pki/solaris.key | |||
dh /etc/openvpn/easy-rsa/pki/dh2048.pem | |||
cipher AES-256-CBC | |||
server-bridge 10.3.200.1 255.255.0.0 10.3.102.1 10.3.102.10 | |||
push "dhcp-option DNS 10.3.200.1" | |||
;push "redirect-gateway" | |||
keepalive 30 90 | |||
;compress lzo | |||
max-clients 5 | |||
user nobody | |||
group nogroup | |||
persist-key | |||
persist-tun | |||
status openvpn-gaming-status.log | |||
verb 3 | |||
duplicate-cn | |||
script-security 2 | |||
up "/etc/openvpn/up.sh br0 tap0 1500" | |||
down "/etc/openvpn/down.sh br0 tap0" | |||
client-to-client | |||
</pre> | |||
systemctl enable openvpn@solarisgaming | systemctl enable openvpn@solarisgaming | ||
| Line 19: | Line 63: | ||
Make sure the OpenVPN server has IP forwarding turned on. | Make sure the OpenVPN server has IP forwarding turned on. | ||
nano /etc/sysctl.d/ | nano /etc/sysctl.d/local.conf | ||
Add this to the file | Add this to the file | ||
Latest revision as of 15:12, 19 March 2024
apt install openvpn easy-rsa
Setup easyRSA
make-cadir /etc/openvpn/easy-rsa
Create the keystore / CA
./easyrsa init-pki ./easyrsa build-ca
This creates the PKI directory in which we will copy back our exiting keys / certs
copy our config file back.
Copy back the etc files from the openvpn backup including all the RSA params etc.
It should look like this for socttworldgaming.conf
; Thia allows internal to internal with Internet traffice split to direct. port 1195 proto udp4 dev tap tls-server ca /etc/openvpn/easy-rsa/pki/ca.crt cert /etc/openvpn/easy-rsa/pki/solaris.crt key /etc/openvpn/easy-rsa/pki/solaris.key dh /etc/openvpn/easy-rsa/pki/dh2048.pem cipher AES-256-CBC server-bridge 10.3.200.1 255.255.0.0 10.3.102.1 10.3.102.10 push "dhcp-option DNS 10.3.200.1" ;push "redirect-gateway" keepalive 30 90 ;compress lzo max-clients 5 user nobody group nogroup persist-key persist-tun status openvpn-gaming-status.log verb 3 duplicate-cn script-security 2 up "/etc/openvpn/up.sh br0 tap0 1500" down "/etc/openvpn/down.sh br0 tap0" client-to-client
systemctl enable openvpn@solarisgaming
service openvpn start
Add a static route on the main router so the OpenVPN traffic can route for the 10. network
Network Subnet mask Gateway 10.3.0.0 255.255.255.0 192.168.3.200
Make sure the OpenVPN server has IP forwarding turned on.
nano /etc/sysctl.d/local.conf
Add this to the file
net.ipv4.ip_forward=1
Save and restart process
systemctl restart procps.service