This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
computing:vpnserver-debian11 [2023/05/22 04:07] – oemb1905 | computing:vpnserver-debian11 [2023/06/14 03:40] – oemb1905 | ||
---|---|---|---|
Line 63: | Line 63: | ||
ufw allow 1194/udp | ufw allow 1194/udp | ||
ufw allow from 192.168.147.0/ | ufw allow from 192.168.147.0/ | ||
+ | sudo ufw allow from 73.42.113.16 to any port 22 proto tcp [optional allowance from static external] | ||
| | ||
The server is now setup, so time to build the client files on the server, build a client configuration file and test the connection. Copy all the generated files to a dedicated client directory for safekeeping/ | The server is now setup, so time to build the client files on the server, build a client configuration file and test the connection. Copy all the generated files to a dedicated client directory for safekeeping/ | ||
Line 114: | Line 115: | ||
My next goal is to add some routes to a different subnet on a virtual bridge I use for my VMs, and that's also on the physical host. Then, I can disable public facing ssh on all of VMs theoretically and access them through the vpnserver only. Again, even this is overkill since I am already using ssh keypairs, however, I might just do it to learn about pushing routes/ | My next goal is to add some routes to a different subnet on a virtual bridge I use for my VMs, and that's also on the physical host. Then, I can disable public facing ssh on all of VMs theoretically and access them through the vpnserver only. Again, even this is overkill since I am already using ssh keypairs, however, I might just do it to learn about pushing routes/ | ||
- | --- // | + | --- // |