{"id":700,"date":"2013-04-02T19:13:09","date_gmt":"2013-04-02T17:13:09","guid":{"rendered":"http:\/\/blog.rabahi.net\/?page_id=700"},"modified":"2014-08-04T17:37:37","modified_gmt":"2014-08-04T15:37:37","slug":"srv-vpn","status":"publish","type":"page","link":"https:\/\/blog.rabahi.net\/?page_id=700","title":{"rendered":"srv-vpn"},"content":{"rendered":"<h1>Prerequiste<\/h1>\n<p>I assume that you have a Centos installation.<\/p>\n<h1>Installation<\/h1>\n<p>You can copy\/paste this script and use it to configure automatically your server.<\/p>\n<pre class=\"bash\" style=\"font-family:monospace;\"><ol><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\">#!\/bin\/bash<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #7a0874; font-weight: bold;\">echo<\/span> <span style=\"color: #ff0000;\">&quot;install openvpn&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">dnf <span style=\"color: #660033;\">-y<\/span> <span style=\"color: #c20cb9; font-weight: bold;\">install<\/span> openvpn<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #7a0874; font-weight: bold;\">echo<\/span> <span style=\"color: #ff0000;\">&quot;start service openvpn at boot&quot;<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\">systemctl <span style=\"color: #7a0874; font-weight: bold;\">enable<\/span> openvpn<span style=\"color: #000000; font-weight: bold;\">@<\/span>server.service<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #7a0874; font-weight: bold;\">echo<\/span> <span style=\"color: #ff0000;\">&quot;add service openvpn (port 1194) to firewall&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">firewall-cmd <span style=\"color: #660033;\">--permanent<\/span> <span style=\"color: #660033;\">--add-service<\/span> openvpn<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\">firewall-cmd <span style=\"color: #660033;\">--reload<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #7a0874; font-weight: bold;\">echo<\/span> <span style=\"color: #ff0000;\">&quot;configure vpn&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">rm<\/span> <span style=\"color: #660033;\">-f<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">cp<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>usr<span style=\"color: #000000; font-weight: bold;\">\/<\/span>share<span style=\"color: #000000; font-weight: bold;\">\/<\/span>doc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn-<span style=\"color: #000000; font-weight: bold;\">*\/<\/span>sample<span style=\"color: #000000; font-weight: bold;\">\/<\/span>sample-config-files<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span> <\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/dev tun\/dev tap0\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\(ca \\)\/#\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\(cert \\)\/#\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\(key \\)\/#\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\(dh \\)\/#\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\(server \\)\/#\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\(ifconfig-pool-persist \\)\/#\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/^\\;\\(log\\)\/\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #c20cb9; font-weight: bold;\">sed<\/span> <span style=\"color: #660033;\">-i<\/span> <span style=\"color: #ff0000;\">&quot;s\/\\(openvpn.log\\)\/\\\/var\\\/log\\\/\\1\/g&quot;<\/span> <span style=\"color: #000000; font-weight: bold;\">\/<\/span>etc<span style=\"color: #000000; font-weight: bold;\">\/<\/span>openvpn<span style=\"color: #000000; font-weight: bold;\">\/<\/span>server.conf<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot;SSL Part (disabled)&quot;<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot;If uncomment:&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot; - Remember to sign and commit (when it will be asked)&quot;<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot; - In \/etc\/openvpn\/server.conf:&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot;       * update ca, cert, key dh path&quot;<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot;       * uncomment and configure the server-bridge (syntax [VPN server's IP] [subnetmask] [the range of IP for client])&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># echo &quot;       * uncomment and configure the 'push \\&quot;route\\ (...)\\&quot; (syntax [network VPN server in] [subnetmask])&quot;<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># cp -R \/usr\/share\/openvpn\/easy-rsa\/2.0 \/etc\/openvpn\/easy-rsa<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># cd \/etc\/openvpn\/easy-rsa<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># ln -s openssl-1.0.0.cnf openssl.cnf<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># source .\/vars<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># .\/clean-all<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># .\/build-ca<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># .\/build-key-server server <\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># .\/build-dh<\/span><\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #666666; font-style: italic;\"># .\/build-key-pass client <\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\"><span style=\"color: #7a0874; font-weight: bold;\">echo<\/span> <span style=\"color: #ff0000;\">&quot;start service&quot;<\/span><\/div><\/li><li style=\"background: #f0f0f0;\"><div style=\"font-size: 12px;\">systemctl start openvpn<span style=\"color: #000000; font-weight: bold;\">@<\/span>server.service<\/div><\/li><li style=\"background: #fcfcfc;\"><div style=\"font-size: 12px;\">&nbsp;<\/div><\/li><\/ol><\/pre>\n<p>That&#8217;s all \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Prerequiste I assume that you have a Centos installation. Installation You can copy\/paste this script and use it to configure automatically your server. That&#8217;s all \ud83d\ude42<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":677,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-700","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/700","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=700"}],"version-history":[{"count":4,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/700\/revisions"}],"predecessor-version":[{"id":1030,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/700\/revisions\/1030"}],"up":[{"embeddable":true,"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=\/wp\/v2\/pages\/677"}],"wp:attachment":[{"href":"https:\/\/blog.rabahi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}