This shows you the differences between two versions of the page.
computing:vpnserver-debian11 [2023/05/22 02:17] – created oemb1905 | computing:vpnserver-debian11 [2024/02/17 19:43] – oemb1905 | ||
---|---|---|---|
Line 61: | Line 61: | ||
Let's make sure the firewall only permits vpn server traffic and ssh from a private subnet as per the design mentioned at the outset: | Let's make sure the firewall only permits vpn server traffic and ssh from a private subnet as per the design mentioned at the outset: | ||
- | ufw allow 1184/udp | + | ufw allow 1194/udp |
ufw allow from 192.168.147.0/ | ufw allow from 192.168.147.0/ | ||
+ | sudo ufw allow from 73.42.113.16 to any port 22 proto tcp [optional allowance from static external] | ||
| | ||
The server is now setup, so time to build the client files on the server, build a client configuration file and test the connection. Copy all the generated files to a dedicated client directory for safekeeping/ | The server is now setup, so time to build the client files on the server, build a client configuration file and test the connection. Copy all the generated files to a dedicated client directory for safekeeping/ | ||
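Review bot: On the added `sudo ufw allow from 73.42.113.16 to any port 22 proto tcp [optional allowance from static external]` line, the bracketed remark sits on the command line itself, so a reader who pastes the line hands ufw extra arguments. Move the remark to a `#` comment or to the sentence above the block. That sentence still says the firewall only permits vpn server traffic and ssh from a private subnet, which is no longer accurate once this rule is applied, so it should mention the optional external exception. The rule also publishes what looks like a real static address. An address from the documentation range, such as 203.0.113.16, would show the same syntax without tying the page to one host. Finally, this line uses `sudo` while the two `ufw allow` lines above it do not, so pick one form for the block.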
Line 112: | Line 113: | ||
redirect-gateway def1 | redirect-gateway def1 | ||
| | ||
- | My next goal is to add some routes to a different subnet on a virtual bridge I use for my VMs, and that's also on the physical host. Then, I can disable public facing ssh on all of VMs theoretically and access them through | + | I wrote some scripts |
- | --- //[[jonathan@haacksnetworking.org|oemb1905]] | + | * [[https:// |
+ | |||
+ | --- //[[webmaster@haacksnetworking.org|oemb1905]] |
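Review bot: The paragraph removed here stated why the extra routes matter: reaching the VM bridge subnet so that public-facing ssh can be disabled on the VMs. The visible part of its replacement is "I wrote some scripts" followed by a link item. If the new text does not already say so, keep one sentence next to the link on what the scripts do and whether the ssh lockdown was carried out, so the page still explains the design if the link target moves.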