Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- apt-get update
- apt-get install openvpn easy-rsa
- make-cadir /opt/openvpn-ca
- cd /opt/openvpn-ca
- sed -ie 's/KEY_NAME="EasyRSA"/KEY_NAME="server"/g' /opt/openvpn-ca/vars
- source vars
- ./clean-all
- ./build-ca --batch
- ./build-key-server --batch server
- ./build-dh
- openvpn --genkey --secret keys/ta.key
- ./build-key --batch client1
- cd keys
- cp ca.crt ca.key server.crt server.key ta.key dh2048.pem /etc/openvpn
- echo -e "
- #local 127.0.0.1 1194
- port 1194
- proto tcp
- dev tun
- ca /etc/openvpn/ca.crt
- cert /etc/openvpn/server.crt
- key /etc/openvpn/server.key
- dh /etc/openvpn/dh2048.pem
- topology subnet
- server 10.8.0.0 255.255.0.0
- #ifconfig-pool-persist /etc/openvpn/ipp.txt
- #client-config-dir /etc/openvpn/ccd
- push \"redirect-gateway def1 bypass-dhcp\"
- push \"dhcp-option DNS 208.67.222.222\"
- push \"dhcp-option DNS 208.67.220.220\"
- client-to-client
- duplicate-cn
- keepalive 10 120
- tls-auth /etc/openvpn/ta.key 0
- key-direction 0
- comp-lzo
- max-clients 65000
- user nobody
- group nogroup
- persist-key
- persist-tun
- status /var/log/openvpn-status.log
- #log-append /var/log/openvpn.log
- verb 4
- " > /etc/openvpn/server.conf
- sysctl net.ipv4.ip_forward=1
- iptables -t nat -A POSTROUTING -s 10.8.0.0/16 -j MASQUERADE
- systemctl enable openvpn@server
- systemctl start openvpn@server
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement