Ubuntu Server 14.04.1: How to set up an OpenVPN server on a separate machine from the LAN gateway (with access to other machines on the server LAN)
Make sure the LAN your OpenVPN server sits on does not use the usual 192.168.1.1 or 10.0.0.1 addressing, because a client whose own network uses the same subnet cannot route to yours. If it does, log in to your router and change the third number, i.e. 192.168.(this number).1
Make sure to forward UDP port 1194 on your router to the OpenVPN server IP
Example Network:
Gateway IP: 192.168.5.1
OpenVPN Server IP: 192.168.5.20
OpenVPN Config:
server.conf
port 1194
proto udp
dev tun0
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.5.0 255.255.255.0"
push "route 10.8.0.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth ta.key 0
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
Edit /etc/network/interfaces:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.5.20
netmask 255.255.255.0
broadcast 192.168.5.255
network 192.168.5.0
gateway 192.168.5.1
dns-nameservers 8.8.8.8 8.8.4.4
post-up iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 192.168.5.20
Make sure to comment out the IPv6 setting
Edit /etc/sysctl.conf:
Change:
#net.ipv4.ip_forward=1
to:
net.ipv4.ip_forward=1
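The settings above only work when server.conf and /etc/network/interfaces agree on the same subnets, so here is a consistency check as an added example (not part of the original how-to). The function names and the embedded sample text are constructed for illustration, and treating the two addresses to avoid as /24 networks is an assumption.

```python
import ipaddress
import re

# Constructed sample input: the relevant lines of this page's two files.
SERVER_CONF = '''\
server 10.8.0.0 255.255.255.0
push "route 192.168.5.0 255.255.255.0"
push "route 10.8.0.0 255.255.255.0"
duplicate-cn
'''
INTERFACES = '''\
address 192.168.5.20
netmask 255.255.255.0
post-up iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 192.168.5.20
'''
# The page names 192.168.1.1 and 10.0.0.1; treating them as /24s is an assumption.
COMMON_LANS = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "10.0.0.0/24")]

def net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def check(server_conf, interfaces):
    """Return a list of findings; an empty list means the two files agree."""
    findings = []
    vpn = net(*re.search(r"^server\s+(\S+)\s+(\S+)", server_conf, re.M).groups())
    pushed = [net(a, m) for a, m in
              re.findall(r'^push\s+"route\s+(\S+)\s+(\S+)"', server_conf, re.M)]
    addr, mask = re.search(r"address\s+(\S+)\s+netmask\s+(\S+)", interfaces).groups()
    lan = net(addr, mask)
    snat = re.search(r"-s\s+(\S+)\s+-j\s+SNAT\s+--to(?:-source)?\s+(\S+)", interfaces)

    if any(lan.overlaps(c) for c in COMMON_LANS):
        findings.append(f"LAN {lan} is one of the common subnets to avoid")
    if lan.overlaps(vpn):
        findings.append(f"LAN {lan} overlaps VPN pool {vpn}")
    if lan not in pushed:
        findings.append(f"no push route for LAN {lan}")
    if snat is None:
        findings.append("no SNAT rule for VPN traffic")
    else:
        if ipaddress.ip_network(snat.group(1), strict=False) != vpn:
            findings.append(f"SNAT source {snat.group(1)} is not VPN pool {vpn}")
        if snat.group(2) != addr:
            findings.append(f"SNAT target {snat.group(2)} is not server address {addr}")
    if re.search(r"^duplicate-cn\b", server_conf, re.M):
        findings.append("duplicate-cn: clients sharing one common name may connect concurrently")
    return findings

if __name__ == "__main__":
    print("\n".join(check(SERVER_CONF, INTERFACES)))
```

On the page's own values the only finding is the duplicate-cn line; the subnet, push route and SNAT checks all pass.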