Linux/OpenVPN: Difference between revisions

No edit summary
Line 4: Line 4:
Do not forget to first setup the key infrastructure: https://wiki.gentoo.org/wiki/Create_a_Public_Key_Infrastructure_Using_the_easy-rsa_Scripts
Do not forget to first setup the key infrastructure: https://wiki.gentoo.org/wiki/Create_a_Public_Key_Infrastructure_Using_the_easy-rsa_Scripts


I changed the OpenVPN server config to use tcp instead of udp in /etc/openvpn/openvpn.conf:
Add these lines to /etc/openvpn/openvpn.conf for routing all traffic:
proto tcp
 
Add these lines to /etc/openvpn/openvpn.conf:
  push "dhcp-option DNS 8.8.8.8"
  push "dhcp-option DNS 8.8.8.8"
  push "redirect-gateway def1"
  push "redirect-gateway def1"
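
Review bot: with the "proto tcp" paragraph dropped at the top of this hunk, the page no longer states which transport the server uses, while the second hunk mentions port 12112 UDP on the router. State the proto and port values from /etc/openvpn/openvpn.conf next to the "Add these lines" paragraph so the router rule can be checked against them. Because push "redirect-gateway def1" routes all client traffic through the tunnel and push "dhcp-option DNS 8.8.8.8" points clients at a public resolver, the text should also say that every client's DNS queries then go to that resolver, and that a resolver reachable inside the VPN is an alternative.
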
Line 17: Line 14:
  CONFIG_IP_NF_NAT
  CONFIG_IP_NF_NAT


Enable IP forwarding in /etc/sysctl.conf:
Allow IP forwarding in /etc/sysctl.conf:
  net.ipv4.ip_forward = 1
  net.ipv4.ip_forward = 1


Check that it is enabled:
Check that it is allowed:
  cat /proc/sys/net/ipv4/ip_forward
  cat /proc/sys/net/ipv4/ip_forward


Enable on the fly:
Allow on the fly:
  echo 1 > /proc/sys/net/ipv4/ip_forward
  echo 1 > /proc/sys/net/ipv4/ip_forward


After each reboot:
Activate IP forwarding (necessary after each reboot):
  modprobe iptable_nat # if compiled as module
  modprobe iptable_nat # if compiled as module
  iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
  iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE


Open port 12112 UDP on your router.
Start OpenVPN:
/etc/init.d/openvpn restart
If everything works, add OpenVPN to the default runlevel, so that it starts during boot:
If everything works, add OpenVPN to the default runlevel, so that it starts during boot:
  rc-update add openvpn
  rc-update add openvpn
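
Review bot: the label "Activate IP forwarding (necessary after each reboot):" does not match the two commands under it. "modprobe iptable_nat" and the "iptables -t nat -A POSTROUTING ... -j MASQUERADE" rule set up NAT, while forwarding itself is already made persistent by "net.ipv4.ip_forward = 1" in /etc/sysctl.conf; label that step as NAT/masquerading instead. "Enable" is the more accurate verb for the sysctl and /proc lines than "Allow", since the setting switches forwarding on for the whole host. The section shows no FORWARD-chain rule, so consider adding one that limits forwarded traffic to 10.100.0.0/24. The "/etc/init.d/openvpn restart" line also lacks the leading indentation the other command lines have, so it will not render as preformatted text.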