Then we move to the last steps with the server keys generation This may take a long time (One hour on Pi Zero!) Now we use dhparam to generate the Diffie-Helman file openssl dhparam -out /etc/openvpn/dh2048.pem 2048 Once the vars file is properly set, we can start with keys generation Generate SSL keys Then set the KEY_NAME like this export KEY_NAME="server".Fill the other KEY options with your own information, for example: export KEY_COUNTRY="US".If you have another version, check in the easy-vars/ folder if you have a file closer to your version, and edit this line I had issues with this line, this one works with my 1.1.0j OpenSSL version Change or add the KEY_CONFIG option to use this syntax instead export KEY_CONFIG=$EASY_RSA/openssl-1.0.0.cnf.Edit the vars file to set your preferences nano /etc/openvpn/easy-rsa/vars.Create a new sub-folder for the keys mkdir /etc/openvpn/easy-rsa/keys.Copy Easy-RSA files to the OpenVPN configuration folder cp -r /usr/share/easy-rsa/ /etc/openvpn.The next step is to generate all the keys on the server side to secure the connection Your Raspberry Pi can now act as a router Configure Easy-RSA Then open this file to enable it on boot nano /etc/nf.Paste this command to enable it immediately echo 1 > /proc/sys/net/ipv4/ip_forward.We’ll come back to this configuration file later, for the moment it’s fine Allow IP Forwardingīy default, Linux doesn’t allow IP forwardingĪs our Raspberry Pi will be the router between VPN clients and the local network, we have to enable it Uncomment the user and group options user nobody.You can also set a second DNS server in the line above Let the default option if you don’t know what it is In my case, I’m using the Google DNS Server (8.8.8.8) but set what you want Edit the DNS server to fit your needs push "dhcp-option DNS 8.8.8.8".Comment this one (we don’t need TLS authentication for the first try) tls-auth ta.key 0.Uncomment this line push "redirect-gateway def1 bypass-dhcp".Extract the sample configuration file to the OpenVPN folder gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/ > /etc/openvpn/nf.Install the OpenVPN package apt install openvpn. #How to install openvpn access server update
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |