PHC - Korra
Here is the OpenVPN tutorial you have all been waiting for
Requirements:
Creating a Certificate Authority and Server-Side Certificate & Key
Requirements:
- VPS Server
- Brains
- Talent
- Patience
- Internet Connection
- sudo apt-get update --fix-missing -y && sudo apt-get install -y openvpn easy-rsa
- gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
- nano /etc/openvpn/server.conf
- (Self-Made Config) Edit the line: change dh "dh1024.pem" to "dh2048.pem", or to whatever you prefer.
- ;push "redirect-gateway def1 bypass-dhcp" uncomment this by removing the leading ";"
- Add these at the desired place in the config and, same as above, uncomment them by removing the ";":
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
- Press Ctrl+X and save when prompted. (I chose nano because it's pretty easy and simple to use on Unix)
- Lastly, execute this command:
echo 1 > /proc/sys/net/ipv4/ip_forward
- nano /etc/sysctl.conf
- Uncomment
"#net.ipv4.ip_forward=1" to "net.ipv4.ip_forward=1"
- ufw allow ssh
Also, ufw allow 1194/tcp, and set port 1194 as TCP in the OpenVPN config.
- nano /etc/default/ufw
DEFAULT_FORWARD_POLICY="ACCEPT"
- nano /etc/ufw/before.rules
#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
# ufw-before-input
# ufw-before-output
# ufw-before-forward
#
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
# (-s 10.8.0.0/8 is applied as 10.0.0.0/8; 10.8.0.0/24 matches the sample server.conf subnet)
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
# Don't delete these required lines, otherwise there will be errors
*filter
- ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? [Y]
- Check the UFW firewall:
ufw status
Creating a Certificate Authority and Server-Side Certificate & Key
- reserved
- reserved
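A check for the two files edited in the steps above, as an added example that is not part of the original post: it flags server.conf settings the steps are meant to change and verifies the structure of the *nat block in before.rules. The function names and finding labels are made up for this example, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Finding labels are made up here.

# audit_server_conf FILE: one finding per line, nothing if clean
audit_server_conf() {
    # active dh line still pointing at 1024-bit parameters
    grep -Eq '^[[:space:]]*dh[[:space:]]+"?dh1024\.pem' "$1" &&
        echo "WEAK_DH: dh1024.pem still in use"
    # full-tunnel push must be active, not commented with ';' or '#'
    grep -Eq '^[[:space:]]*push[[:space:]]+"redirect-gateway' "$1" ||
        echo "NO_REDIRECT: redirect-gateway push is not active"
    # without a pushed resolver, clients keep their local DNS
    grep -Eq '^[[:space:]]*push[[:space:]]+"dhcp-option DNS ' "$1" ||
        echo "NO_DNS_PUSH: no dhcp-option DNS pushed"
    return 0
}

# audit_before_rules FILE: checks the *nat block added to ufw's before.rules
audit_before_rules() {
    awk '
        /^\*nat/    { nat = NR }
        /^\*filter/ { if (!filter) filter = NR }
        nat && !commit && /^:POSTROUTING ACCEPT/ { chain = 1 }
        nat && !commit && /^-A POSTROUTING .*-j MASQUERADE/ {
            masq = 1
            for (i = 1; i < NF; i++) if ($i == "-s") src = $(i + 1)
        }
        nat && !commit && /^COMMIT/ { commit = NR }
        END {
            if (!nat) { print "NO_NAT: *nat table missing"; exit }
            if (filter && filter < nat) print "ORDER: *nat must precede *filter"
            if (!chain)  print "NO_CHAIN: :POSTROUTING ACCEPT [0:0] line missing"
            if (!masq)   print "NO_MASQ: no MASQUERADE rule in *nat"
            if (!commit) print "NO_COMMIT: *nat block has no COMMIT"
            if (src ~ /\/8$/) print "BROAD_SRC: " src " is a /8, wider than the VPN subnet"
        }' "$1"
}

# Constructed sample: untouched server.conf lines, audited from a temp file
sample=$(mktemp)
printf '%s\n' 'dh dh1024.pem' ';push "redirect-gateway def1 bypass-dhcp"' \
    ';push "dhcp-option DNS 208.67.222.222"' > "$sample"
audit_server_conf "$sample"   # prints WEAK_DH, NO_REDIRECT, NO_DNS_PUSH
rm -f "$sample"
```

Run it against copies of /etc/openvpn/server.conf and /etc/ufw/before.rules before `ufw enable`; empty output from both functions means none of these findings apply.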