MihanServer.IR


Virtual Network (O Series) Setup – Debian/Ubuntu

Source: https://forum.ramhost.us/bbs/viewtopic.php?id=4

This tutorial shows you how to install and configure an OpenVPN tunnel on your VPS.

These instructions were developed with Debian/Ubuntu in mind; however, the procedure should be similar for other Linux distros (I've only tested these on Debian 5, but they should work unmodified on other Debian variants).

------

1) Download and Install OpenVPN:

Code:

# apt-get install openvpn

2) Move some things into the correct place:

Code:

# cp -R /usr/share/doc/openvpn/examples/easy-rsa /etc/openvpn

3) Generate the server and client certificates, keys and DH parameters:

Code:

# cd /etc/openvpn/easy-rsa/2.0

# . ./vars

# ./clean-all

# ./build-ca

# ./build-key-server server

# ./build-key client1

# ./build-dh

Press enter at each prompt, and answer yes to all yes/no questions.

DO NOT ENTER ANY PASSWORD IF PROMPTED TO DO SO - PRESS ENTER.

4) Apply iptables rule to forward traffic from the VPN to the Internet:

Code:

# chmod 755 /etc/rc.local

# nano /etc/rc.local

The default contents of this file are as follows:

Code:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

exit 0

We are going to add some lines before "exit 0". Replace "208.110.73.134" with the actual IP address of your VPS.

When you are done you should have something that looks like this:

Code:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# add iptables rule for openvpn
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to 208.110.73.134

# restart openvpn after 1 hour in case tun device got broken on reboot
sleep 3600
/etc/init.d/openvpn stop
sleep 10
/etc/init.d/openvpn start

exit 0

5) Create OpenVPN configuration file:

Code:

# nano /etc/openvpn/openvpn.conf

Insert the following:

Code:

dev tun
proto tcp
port 1194

ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

user nobody
group nogroup
server 10.8.0.0 255.255.255.0

persist-key
persist-tun

#status openvpn-status.log
#verb 3
client-to-client

push "redirect-gateway def1"
push "dhcp-option DNS 69.197.153.253"
push "dhcp-option DNS 69.30.192.15"

comp-lzo

6) Start OpenVPN:

Code:

# /etc/init.d/openvpn start
# nohup /etc/rc.local &

(Press CTRL+C if the console hangs after running /etc/rc.local)

7) Verify it is working:

Code:

# tail /var/log/syslog

You should see something like the following:

Code:

ovpn-openvpn[3410]: TUN/TAP device tun0 opened
ovpn-openvpn[3410]: /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
ovpn-openvpn[3414]: GID set to nogroup
ovpn-openvpn[3414]: UID set to nobody
ovpn-openvpn[3414]: Listening for incoming TCP connection on [undef]
ovpn-openvpn[3414]: TCPv4_SERVER link local (bound): [undef]
ovpn-openvpn[3414]: TCPv4_SERVER link remote: [undef]
ovpn-openvpn[3414]: Initialization Sequence Completed

Note: If you instead see something like this:

Code:

Sun Dec 13 08:32:02 2009 Note: Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted (errno=1)
Sun Dec 13 08:32:02 2009 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Sun Dec 13 08:32:02 2009 Cannot allocate TUN/TAP dev dynamically
Sun Dec 13 08:32:02 2009 Exiting

And the output of "uptime" shows your server has been running for less than 2 hours, then wait for our cron job to run - which will automatically fix this issue.

Once you are able to get the successful "Initialization Sequence Completed" result, then continue on.

---------------

Now, download the following files to your local computer (the client):

Code:

/etc/openvpn/easy-rsa/2.0/keys/ca.crt

/etc/openvpn/easy-rsa/2.0/keys/client1.crt

/etc/openvpn/easy-rsa/2.0/keys/client1.key

And finally, here is an example client configuration (client.ovpn):

Code:

client
dev tun
proto tcp

# The hostname/IP and port of the server.
# CHANGE THIS TO YOUR VPS IP ADDRESS
remote 208.110.73.134 1194

resolv-retry infinite
nobind

persist-key
persist-tun

ca ca.crt
cert client1.crt
key client1.key

comp-lzo
verb 3

-----------

If you're on Microsoft Windows you can grab an OpenVPN client and tun driver from http://deploy.ramhost.org/vps/openvpn-2 … nstall.exe

Step-By-Step OpenVPN Client configuration howto for Microsoft Windows users:

http://forums.ramhost.org/bbs/viewtopic.php?id=165

Linux/BSD/Apple users can install the usual openvpn client software using their package manager.
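
A check worth running against the server configuration from step 5, added here as an example and not part of the original tutorial: it flags the 1024-bit DH file, `comp-lzo`, `client-to-client` and the absence of `tls-auth`/`tls-crypt`. The function names and finding labels are hypothetical, and the DH size is inferred from the easy-rsa file name rather than read from the file.

```shell
#!/bin/sh
# Added example (not from the original tutorial): flag directives in an
# OpenVPN server config that weaken the tunnel. Reads the config on stdin
# and prints one finding per line; a clean config prints nothing.
audit_openvpn_conf() {
    awk '
        NF == 0 || $1 ~ /^[#;]/ { next }   # skip blank lines and comments
        { seen[$1] = 1 }
        # easy-rsa names DH files dh<bits>.pem; the size is inferred from
        # the file name (assumption), not read from the file itself.
        $1 == "dh" && match($2, /dh[0-9]+\.pem$/) {
            bits = substr($2, RSTART + 2, RLENGTH - 6) + 0
            if (bits < 2048) print "WEAK_DH " bits
        }
        # Compressing before encrypting exposes a compression oracle;
        # "comp-lzo no" turns compression off and is not flagged.
        $1 == "comp-lzo" && $2 != "no" { print "COMPRESSION" }
        # Client-to-client traffic is routed inside OpenVPN and never
        # reaches the host firewall.
        $1 == "client-to-client" { print "CLIENT_TO_CLIENT" }
        END {
            # Without an HMAC key on the control channel, unauthenticated
            # hosts can start a TLS handshake with the server.
            if (!("tls-auth" in seen) && !("tls-crypt" in seen)) {
                print "NO_TLS_AUTH"
            }
        }
    '
}

# Constructed sample: a subset of the server config directives from step 5.
sample_conf() {
    cat <<'EOF'
proto tcp
port 1194
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
#verb 3
client-to-client
comp-lzo
EOF
}

sample_conf | audit_openvpn_conf
```

To audit a live server, run `audit_openvpn_conf < /etc/openvpn/openvpn.conf` and confirm the real DH size with `openssl dhparam -in <file> -text -noout`.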

 

 

 


