Digital Drip - The Tech Blog of Jon Gaudette

A Basic Routed OpenVPN Setup

Posted on: January 01, 2012

It’s really easy to set up a new VPN.

1) Install openvpn
2) Punch port 11xx through your firewall
   a) Using shorewall? Do this
      1. interface, routes, rules, policy
3) Set up your keys using easy-rsa
4) Set up a server config

dev tun
proto tcp
port 1194

ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

user nobody
group nobody
server 10.8.0.0 255.255.255.0

persist-key
persist-tun
client-config-dir ccd

route 192.168.2.0 255.255.255.0

#status openvpn-status.log
#verb 3
client-to-client
keepalive 10 60

push "route 192.168.1.0 255.255.255.0"
#push "redirect-gateway def1"
#push "dhcp-option DNS 173.203.4.8"

log-append /var/log/openvpn
comp-lzo

5) Why Tun? Tun vs Tap
6) Permanent Client
7) Road Warriors
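
The server config in step 4 combines `route 192.168.2.0 255.255.255.0` with `client-config-dir ccd`. In a routed (tun) setup the server forwards that subnet only when a file in `ccd` carries a matching `iroute` for the client that owns it. The check below is an added example, not part of the original post; the client name `office-gw` and the ccd contents are constructed assumptions.

```python
import ipaddress
import shlex

# Constructed sample input: the routing lines of the server config above and
# a hypothetical ccd file for a client whose certificate CN is "office-gw".
SERVER_CONF = """
server 10.8.0.0 255.255.255.0
client-config-dir ccd
route 192.168.2.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
#push "redirect-gateway def1"
"""
CCD_FILES = {"office-gw": "iroute 192.168.2.0 255.255.255.0\n"}


def networks(text, keyword):
    """Return the IPv4 networks named by `keyword <net> [mask]` lines."""
    found = set()
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)  # drops '#' comments
        if len(tokens) >= 2 and tokens[0] == keyword:
            mask = tokens[2] if len(tokens) > 2 else "255.255.255.255"
            found.add(ipaddress.ip_network(f"{tokens[1]}/{mask}"))
    return found


def check_routed_setup(server_conf, ccd_files):
    """List mismatches between server `route` lines and ccd `iroute` lines."""
    routes = networks(server_conf, "route")
    owners = {}  # iroute network -> clients claiming it
    for client, body in sorted(ccd_files.items()):
        for net in networks(body, "iroute"):
            owners.setdefault(net, []).append(client)
    problems = []
    for route in sorted(routes):
        # The kernel hands this subnet to tun; OpenVPN needs an owner for it.
        if not any(net.subnet_of(route) for net in owners):
            problems.append(f"route {route} has no iroute in any ccd file")
    for net, clients in sorted(owners.items()):
        if not any(net.subnet_of(route) for route in routes):
            problems.append(f"iroute {net} ({clients[0]}) is not covered by a server route")
        if len(clients) > 1:
            problems.append(f"iroute {net} is claimed by {', '.join(clients)}")
    return problems


if __name__ == "__main__":
    for problem in check_routed_setup(SERVER_CONF, CCD_FILES) or ["route/iroute pairing is consistent"]:
        print(problem)
```

OpenVPN selects the ccd file by the client certificate's common name, so the `iroute` line also determines which certificate is allowed to source traffic for that subnet.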
