@butageek
Last active January 15, 2021 22:01
openvpn server config

Find your IP address

Find local IP

ip addr

Find external IP

dig +short myip.opendns.com @resolver1.opendns.com

The dig command can be installed as follows

On Debian/Ubuntu:

sudo apt install dnsutils

On Arch/Manjaro:

sudo pacman -Sy bind

Download and run installation script

Download script

wget https://git.io/vpn -O openvpn-ubuntu-install.sh

Make script executable

chmod -v +x openvpn-ubuntu-install.sh

Run the script

sudo ./openvpn-ubuntu-install.sh

It will then generate a .ovpn file under /root/

Config the server

Start service

sudo systemctl start openvpn

Config the router

Open UDP port 1194 in firewall

Config the client

Copy .ovpn file from server to client

scp your_username@your_external_ip:/root/your_ovpn_filename.ovpn .

If root is not allowed to log in to the server, use the following command

ssh your_username@your_external_ip "sudo -S cat /root/your_ovpn_filename.ovpn" > your_ovpn_filename.ovpn

On Windows

Use OpenVPN GUI

On Linux

From terminal

Copy .ovpn file as follows

sudo cp your_ovpn_filename.ovpn /etc/openvpn/client.conf

Connect from CLI

sudo openvpn --client --config /etc/openvpn/client.conf

From NetworkManager

Go to Settings -> Network -> VPN -> Add VPN -> Import from file... and select the .ovpn file

Verify/Test

ping 10.8.0.1
ip route
dig +short myip.opendns.com @resolver1.opendns.com

Check OpenVPN server for errors

sudo journalctl --identifier ovpn-server

Check firewall rules

cat /etc/systemd/system/openvpn-iptables.service

Another option is to run the iptables and sysctl commands to verify the NAT rule setup on your server

sudo iptables -t nat -L -n -v
sysctl net.ipv4.ip_forward

If the rules are missing, insert them with the following commands

sudo systemctl start openvpn-iptables.service
sudo sysctl -w net.ipv4.ip_forward=1

Check open port

sudo netstat -tulpn | grep :1194
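
The server-side checks above (IP forwarding, NAT rule, open port) can be combined into one pass/fail report. This is an added example, not part of the original gist; it assumes the tunnel subnet is 10.8.0.0/24 (inferred from the 10.8.0.1 ping target) and that the NAT rule is a POSTROUTING SNAT or MASQUERADE rule, and the function names and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the gist): turn the manual verification commands into pass/fail checks.
# Assumptions: tunnel subnet 10.8.0.0/24 (inferred from the 10.8.0.1 ping target), UDP port 1194.
VPN_SUBNET="10.8.0.0/24"
VPN_PORT="1194"

# $1 = output of `sysctl net.ipv4.ip_forward`
forwarding_enabled() {
  printf '%s\n' "$1" | grep -Eq '^net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1$'
}

# $1 = output of `iptables -t nat -S`; needs a POSTROUTING NAT rule for the tunnel subnet
nat_rule_present() {
  printf '%s\n' "$1" | grep -- '^-A POSTROUTING ' \
    | grep -F -- "-s $VPN_SUBNET " | grep -Eq -- '-j (SNAT|MASQUERADE)'
}

# $1 = output of `netstat -uln`; stricter than `grep :1194`, which also matches
# TCP sockets and remote addresses: require a UDP row whose local address ends in the port
udp_listener_present() {
  printf '%s\n' "$1" | awk -v re=":${VPN_PORT}\$" \
    '$1 ~ /^udp/ && $4 ~ re { found = 1 } END { exit !found }'
}

# Print one line per check; return non-zero if any check fails
vpn_server_report() {
  rc=0
  if forwarding_enabled "$1"; then echo "ok   ip_forward=1"
  else echo "FAIL ip_forward is not 1"; rc=1; fi
  if nat_rule_present "$2"; then echo "ok   NAT rule for $VPN_SUBNET"
  else echo "FAIL no POSTROUTING NAT rule for $VPN_SUBNET"; rc=1; fi
  if udp_listener_present "$3"; then echo "ok   UDP listener on $VPN_PORT"
  else echo "FAIL nothing listening on UDP $VPN_PORT"; rc=1; fi
  return "$rc"
}

# Constructed sample output, used when the script is not run with --live
SAMPLE_SYSCTL='net.ipv4.ip_forward = 1'
SAMPLE_NAT='-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 203.0.113.10'
SAMPLE_NETSTAT='udp        0      0 0.0.0.0:1194            0.0.0.0:*'

if [ "${1:-}" = "--live" ]; then
  vpn_server_report "$(sysctl net.ipv4.ip_forward)" \
    "$(sudo iptables -t nat -S)" "$(netstat -uln)"
else
  vpn_server_report "$SAMPLE_SYSCTL" "$SAMPLE_NAT" "$SAMPLE_NETSTAT"
fi
```

Run it with --live on the server to check the real state; without arguments it only evaluates the constructed sample.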