Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ########
- # SERVER
- ########
- $ apt-get update -y
- $ apt-get upgrade -y
- $ apt-get install openvpn -y
- $ cp -r /usr/share/easy-rsa /etc/openvpn
- $ cd /etc/openvpn/easy-rsa
- $ ln -s openssl-1.0.0.cnf openssl.cnf
- $ . ./vars
- $ ./clean-all
- $ ./build-ca
- $ ./build-key-server server
- $ ./build-key client3
- $ ./build-key client4
- $ ./build-key client5
- $ ./build-dh
- $ mkdir /etc/openvpn/staticclients
- $ nano /etc/openvpn/server.conf
- # You may need to change dh2048.pem filename, find it in /etc/openvpn/easy-rsa/keys/
- ###
- port 1194
- proto udp
- dev tun
- ca /etc/openvpn/easy-rsa/keys/ca.crt
- cert /etc/openvpn/easy-rsa/keys/server.crt
- key /etc/openvpn/easy-rsa/keys/server.key
- dh /etc/openvpn/easy-rsa/keys/dh2048.pem
- server 10.8.0.0 255.255.255.0
- #push "redirect-gateway def1"
- topology subnet
- client-config-dir /etc/openvpn/staticclients
- push "dhcp-option DNS 208.67.222.222"
- push "dhcp-option DNS 208.67.220.220"
- duplicate-cn
- cipher AES-256-CBC
- tls-version-min 1.2
- tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA25>
- auth SHA512
- auth-nocache
- keepalive 20 60
- persist-key
- persist-tun
- compress lz4
- daemon
- user nobody
- group nogroup
- log-append /var/log/openvpn.log
- verb 3
- ###
- $ nano /etc/openvpn/staticclients/client3
- ###
- ifconfig-push 10.8.0.3 255.255.255.0
- ###
- $ nano /etc/openvpn/staticclients/client4
- ###
- ifconfig-push 10.8.0.4 255.255.255.0
- ###
- $ nano /etc/openvpn/staticclients/client5
- ###
- ifconfig-push 10.8.0.5 255.255.255.0
- ###
- $ nano /etc/openvpn/easy-rsa/keys/client3.ovpn
- ###
- client
- dev tun
- proto udp
- remote <your-server-ip-address> 1194
- cipher AES-256-CBC
- auth SHA512
- auth-nocache
- tls-version-min 1.2
- tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
- resolv-retry infinite
- compress lz4
- nobind
- persist-key
- persist-tun
- mute-replay-warnings
- verb 3
- ca ca.crt
- cert client3.crt
- key client3.key
- ###
- $ nano /etc/openvpn/easy-rsa/keys/client4.ovpn
- ###
- client
- dev tun
- proto udp
- remote <your-server-ip-address> 1194
- cipher AES-256-CBC
- auth SHA512
- auth-nocache
- tls-version-min 1.2
- tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
- resolv-retry infinite
- compress lz4
- nobind
- persist-key
- persist-tun
- mute-replay-warnings
- verb 3
- ca ca.crt
- cert client4.crt
- key client4.key
- ###
- $ nano /etc/openvpn/easy-rsa/keys/client5.ovpn
- ###
- client
- dev tun
- proto udp
- remote <your-server-ip-address> 1194
- cipher AES-256-CBC
- auth SHA512
- auth-nocache
- tls-version-min 1.2
- tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
- resolv-retry infinite
- compress lz4
- nobind
- persist-key
- persist-tun
- mute-replay-warnings
- verb 3
- ca ca.crt
- cert client5.crt
- key client5.key
- ###
- $ systemctl start openvpn@server
- $ systemctl enable openvpn@server
- $ systemctl status openvpn@server
- $ ip a show tun0
- # To find server connection status and ip address
- $ ls /usr/share/easy-rsa/keys
- # This contains files needed by clients
- ##########
- # CLIENT 3
- ##########
- Install OpenVPN
- Copy these files from server /usr/share/easy-rsa/keys/
- to C:\Users\<your-client3-pc-username>\OpenVPN\config
- - ca.crt
- - client3.crt
- - client3.key
- - client3.ovpn
- Run OpenVPN GUI and Connect.
- ##########
- # CLIENT 4
- ##########
- Install OpenVPN
- Copy these files from server /usr/share/easy-rsa/keys/
- to C:\Users\<your-client4-pc-username>\OpenVPN\config
- - ca.crt
- - client4.crt
- - client4.key
- - client4.ovpn
- Run OpenVPN GUI and Connect.
- ##########
- # CLIENT 5
- ##########
- Install OpenVPN
- Copy these files from server /usr/share/easy-rsa/keys/
- to C:\Users\<your-client5-pc-username>\OpenVPN\config
- - ca.crt
- - client5.crt
- - client5.key
- - client5.ovpn
- Run OpenVPN GUI and Connect.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement