Openvpn Quickly


It’s a crappy reminder to create an Ansible playbook.

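# Manual OpenVPN server setup with an easy-rsa CA, recorded as a command
# transcript. Run as root; the `vi` steps are interactive edits whose content
# is not recorded in these notes.

# Install OpenVPN and the easy-rsa helper scripts.
apt install openvpn
apt install easy-rsa

# Create a working CA directory and load the easy-rsa environment.
make-cadir ~/openvpn-ca
cd ~/openvpn-ca
# NOTE(review): if the vars file assigns KEY_NAME itself, sourcing it after
# this export overrides the value set here -- confirm against vars.
export KEY_NAME="server"
source vars

# Start from an empty keys directory, then build the CA, the server
# certificate/key pair and the Diffie-Hellman parameters.
./clean-all
./build-ca
./build-key-server server
./build-dh
# Shared static key, installed on the server below as ta.key.
openvpn --genkey --secret keys/ta.key
# Client certificate/key pair for "client1".
# NOTE(review): build-key writes the client private key without a passphrase;
# build-key-pass is the passphrase-protected variant if that is wanted.
./build-key client1

# Install only the material the server process needs. ca.key (the CA signing
# key) is deliberately NOT copied: the server validates clients with ca.crt
# alone, and a second copy of the signing key in the service's config
# directory only widens its exposure. Ideally the CA directory itself lives
# on a separate machine from the VPN server.
cd ~/openvpn-ca/keys
cp ca.crt server.crt server.key ta.key dh2048.pem /etc/openvpn
# Private key and shared secret: readable by the owner only.
chmod 600 /etc/openvpn/server.key /etc/openvpn/ta.key

# Start from the packaged sample server config, then edit it by hand.
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | tee /etc/openvpn/server.conf
vi /etc/openvpn/server.conf

# Turn on IPv4 forwarding for the running kernel; the edit of
# /etc/sysctl.conf presumably makes the same setting persistent -- confirm.
vi /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1

# Second pass over the server config, then restart the service to apply it.
vi /etc/openvpn/server.conf
systemctl restart openvpn@server

# Client config workspace. Mode 700 because the generated profiles are
# expected to carry client key material (make_config.sh is not shown here).
mkdir -p ~/client-configs/files
chmod 700 ~/client-configs/files
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/client-configs/base.conf
vi ~/client-configs/base.conf
vi ~/client-configs/make_config.sh
chmod 700 ~/client-configs/make_config.sh
cd ~/client-configs
./make_config.sh client1
# Eyeball the generated profile. Treat the file as a credential: anything
# printed here may include the client's private key.
more files/client1.ovpn

# Route VPN clients (10.8.0.0/24) to the internal network 172.21.65.0/24:
# source-NAT the outbound traffic and allow forwarding in both directions.
iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -d 172.21.65.0/24 -j MASQUERADE
iptables -I FORWARD  -s 10.8.0.0/24 -d 172.21.65.0/24 -j ACCEPT
# NOTE(review): this rule also admits connections initiated from the internal
# network towards VPN clients. If only replies are needed, limit it with
# `-m conntrack --ctstate ESTABLISHED,RELATED`.
iptables -I FORWARD  -d 10.8.0.0/24 -s 172.21.65.0/24 -j ACCEPT
# These iptables rules do not survive a reboot on their own; the edit below is
# presumably where they are re-applied at boot -- confirm.
vi /etc/network/interfaces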