Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision |
computing:vpnserver [2020/03/23 01:11] – oemb1905 | computing:vpnserver [2023/02/11 13:04] – oemb1905 |
---|
ssh root@192.168.1.1 | ssh root@192.168.1.1 |
opkg update | opkg update |
opkg install zip openvpn-easy-rsa openvpn-openssl nano wget nmap tcpdump curl luci-ssl | opkg install gzip openvpn-easy-rsa openvpn-openssl nano wget nmap tcpdump curl luci-ssl |
opkg list-upgradable | opkg list-upgradable |
opkg upgrade <package> | opkg upgrade <package> |
It is now time to scp the key, certificate, and authority from the router to your home device: | It is now time to scp the key, certificate, and authority from the router to your home device: |
| |
scp /etc/easy-rsa/pki/pki/ca.crt /etc/easy-rsa/pki/pki/server.key /etc/easy-rsa/pki/pki/server.crt root@10.10.10.100: | scp /etc/easy-rsa/pki/ca.crt /etc/easy-rsa/pki/private/clientname.key /etc/easy-rsa/pki/issued/clientname.crt root@10.10.10.100: |
| |
Obviously, I am using an example home subnet here (10.10.10.0), so change that address to match your workstation. Once you have all three of those files, create a directory on the client workstation that intends to connect to the vpn server. After you create that directory and place these files in it, you need to create a connect-to-vpn.ovpn file that openvpn will use to connect to the vpn server. | Obviously, I am using an example home subnet here (10.10.10.0), so change that address to match your workstation. Once you have all three of those files, create a directory on the client workstation that intends to connect to the vpn server. After you create that directory and place these files in it, you need to create a connect-to-vpn.ovpn file that openvpn will use to connect to the vpn server. |
sudo openvpn connect-to-vpn.ovpn | sudo openvpn connect-to-vpn.ovpn |
| |
Since you did not suppress standard output, you should get the following the message, "Initialization Sequence Completed," to indicate a successful connection. Your vpn-server is now complete, and you can repeat the steps for building client keys stated above for other workstations/users. | Since you did not suppress standard output, you should get the following the message, "Initialization Sequence Completed," to indicate a successful connection. Your vpn-server is now complete, and you can repeat the steps for building client keys stated above for other workstations/users. Also, if you need to automate the setup, you can use something like these scripts, which I tweaked a lot, from OpenWrt's wiki: |
| |
| * [[https://repo.haacksnetworking.com/oemb1905/haackingclub/-/blob/master/vpnstuff/vpn-server-script.sh|vpn-server-scripts.sh]] |
| * [[https://repo.haacksnetworking.com/oemb1905/haackingclub/-/blob/master/vpnstuff/vpn-client-script.sh|vp-client-scripts.sh]] |
| |
-- -- -- -- -- | -- -- -- -- -- |