-
-
Save laurenorsini/9925434 to your computer and use it in GitHub Desktop.
| local 192.168.2.0 # SWAP THIS NUMBER WITH YOUR RASPBERRY PI IP ADDRESS | |
| dev tun | |
| proto udp #Some people prefer to use tcp. Don't change it if you don't know. | |
| port 1194 | |
| ca /etc/openvpn/easy-rsa/keys/ca.crt | |
| cert /etc/openvpn/easy-rsa/keys/Server.crt # SWAP WITH YOUR CRT NAME | |
| key /etc/openvpn/easy-rsa/keys/Server.key # SWAP WITH YOUR KEY NAME | |
| dh /etc/openvpn/easy-rsa/keys/dh1024.pem # If you changed to 2048, change that here! | |
| server 10.8.0.0 255.255.255.0 | |
| # server and remote endpoints | |
| ifconfig 10.8.0.1 10.8.0.2 | |
| # Add route to Client routing table for the OpenVPN Server | |
| push "route 10.8.0.1 255.255.255.255" | |
| # Add route to Client routing table for the OpenVPN Subnet | |
| push "route 10.8.0.0 255.255.255.0" | |
| # your local subnet | |
| push "route 192.168.2.0 255.255.255.0" # SWAP THE IP NUMBER WITH YOUR RASPBERRY PI IP ADDRESS | |
| # Set primary domain name server address to the SOHO Router | |
| # If your router does not do DNS, you can use Google DNS 8.8.8.8 | |
| push "dhcp-option DNS 192.168.2.1" # This should already match your router address and not need to be changed. | |
| # Override the Client default gateway by using 0.0.0.0/1 and | |
| # 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of | |
| # overriding but not wiping out the original default gateway. | |
| push "redirect-gateway def1" | |
| client-to-client | |
| duplicate-cn | |
| keepalive 10 120 | |
| tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0 | |
| cipher AES-128-CBC | |
| comp-lzo | |
| user nobody | |
| group nogroup | |
| persist-key | |
| persist-tun | |
| status /var/log/openvpn-status.log 20 | |
| log /var/log/openvpn.log | |
| verb 1 |
If changes are made to this after finishing the steps in the guide do we need to remake any keys or redo any steps to the whole process?
push "dhcp-option DNS 192.168.1.1" # This should already match your router address and not need to be changed.
I had this line set up as my public IP address not my router IP.
Noob here. Can someone please help me? What's my CRT and KEY name? How do I find out?
This is what I get:
Please enter an existing Client Name:
Client1
Client’s cert found: Client1
Client’s Private Key found: Client1.3des.key
CA public Key found: ca.crt
tls-auth Private Key found: ta.key
./MakeOVPN.sh: line 46: Default.txt: command not found
Done! Client1.ovpn Successfully Created.
./MakeOVPN.sh: line 72: No: command not found
I am facing problem while connecting SIP Registrations
I can able to connect Client with OPENVPN Server, Please tell me the IP routing configuration:
my current IP route is:
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
192.168.101.0/24 dev em1 proto kernel scope link src 192.168.101.2
64.xxx.xx.xx/24 dev em1 proto kernel scope link src 64.xxx.xx.xx
10.8.0.0/24 via 10.8.0.2 dev tun0
169.254.0.0/16 dev em1 scope link metric 1002
default via 192.168.101.1 dev em1 src 192.168.101.2
default via 64.56.73.1 dev em1
Changed my Local Subnet to the pi itself since I am also runnning Pi-hole.
Able to get to yahoo.com and google.com and some other sites but others doesn't load at all, when connected, am i missing somthing?
Found out im using my ipv6 address and not my ipv4 address when checking out my ip, so i'm assuming its using the ipv6 of the sites that i can connect to.
How can you update the server.conf file? Everytime i try to update it it throws a permissions error. Same error happens on WinSCP and Cyberduck.
cert /etc/openvpn/easy-rsa/keys/Server.crt # SWAP WITH YOUR CRT NAME
key /etc/openvpn/easy-rsa/keys/Server.key # SWAP WITH YOUR KEY NAME
can someone explain what this means ? what is CRT and Key name or do i just leave it as so?
The following script in the repository enabled duplicate-cn by default. You don't want to change the config file.
https://github.com/gayankuruppu/openvpn-install-for-multiple-users
I am able to connect to the VPN remotely and within my network. The issue I have is when I connect remotely, I can't see the PC I have internally. for example, if i connect my tablet and PC on the same network internally through the VPN I am able to see them both on computer>network list. If I connect my tablet remotely on 4G, I successfully connect to the VPN, but I cannot see the PC that is on the network.
This is my interfaces file:
and my server file:
Here is the iptables:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o wlan0 -j MASQUERADE