wiki:openvpn_installation
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
wiki:openvpn_installation [2024/04/10 11:09] – [Certificate generation] update steps antisa | wiki:openvpn_installation [2024/05/13 16:18] (current) – [References] add shorewall doc link antisa | ||
---|---|---|---|
Line 87: | Line 87: | ||
./easyrsa build-ca | ./easyrsa build-ca | ||
- | 3. Create the vpn server' | + | 3. Generate Diffie-Hellman (DH) params. |
+ | ./easyrsa gen-dh | ||
+ | |||
+ | 4. Create the vpn server' | ||
./easyrsa gen-req server nopass | ./easyrsa gen-req server nopass | ||
./easyrsa sign-req server server | ./easyrsa sign-req server server | ||
| | ||
- | 3. Create client signing request and certificate. Change EntityName, '' | + | 5. Create client signing request and certificate. Change EntityName, '' |
./easyrsa gen-req EntityName nopass | ./easyrsa gen-req EntityName nopass | ||
./easyrsa sign-req client EntityName | ./easyrsa sign-req client EntityName | ||
- | 5. Generate Diffie-Hellman (DH) params. Used in client and server configuration | + | |
- | ./easyrsa gen-dh | + | |
| | ||
- | For each new client just repeat step 3. | + | For each new client just repeat |
==== Creating configuration files for server and clients ==== | ==== Creating configuration files for server and clients ==== | ||
Line 184: | Line 186: | ||
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE | iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE | ||
- | | + | |
+ | ===== Running openvpn server as a service ===== | ||
+ | |||
+ | Debian 12 ships with systemd units for this. The way to run it is to first make sure the server configuration file is located in /// | ||
+ | |||
+ | systemctl enable --now openvpn-server@myvpnserver | ||
+ | |||
+ | Check logs with | ||
+ | journalctl -xefu openvpn-server@server.service | ||
====== Tested on ====== | ====== Tested on ====== | ||
* Debian 12 Bookworw | * Debian 12 Bookworw | ||
Line 196: | Line 207: | ||
* https:// | * https:// | ||
* https:// | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
wiki/openvpn_installation.1712740178.txt.gz · Last modified: 2024/04/10 11:09 by antisa