I’ve got a few VPN links in place using OpenVPN and thought it’s about time I documented how, in case something goes wrong in the future.
First was the install:-
apt-get install openvpn
Then generate a key using:-
openvpn --genkey --secret static.key
Create the config file using:-
nano -w server2.conf
ifconfig 192.168.204.203 192.168.203.204
;route 192.168.203.0 255.255.255.0
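Things that need changing are the server address and the local and remote IP addresses. Also check that the chroot directory, user and group exist.
Next copy the static.key from server1 to server2. The key is the only secret protecting the tunnel, so copy it over an encrypted channel and keep it unreadable to other users. Then create a server1.conf in /etc/openvpn/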
nano -w server1.conf
ifconfig 192.168.203.204 192.168.204.203
;route 192.168.204.0 255.255.255.0
Notice how the IP configuration on this server is reversed. These IP addresses are only used by the tunnel and do not have to be within your normal network range. However, for routing to multiple network segments I found it easier to keep these addresses within the network range, because that makes it simpler to trace where the fault lies if something goes wrong.
The last thing to check is that IP forwarding (net.ipv4.ip_forward) is also enabled.
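The checks mentioned above (chroot directory, user, group, key file and IP forwarding) can be scripted. This is an added example, not part of the original post; the function names are hypothetical, and it assumes a relative secret path is resolved from the config file's directory.

```sh
#!/bin/sh
# Added example: pre-flight checks for a static-key OpenVPN config file.

# Print the first argument of a directive. Lines disabled with ';' or '#'
# do not match because their first field is not the bare directive name.
conf_get() {    # usage: conf_get FILE DIRECTIVE
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

# Succeed only if the key exists and gives no access to group or others.
key_is_private() {    # usage: key_is_private FILE
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Succeed if the kernel forwards IPv4 packets. The optional argument
# overrides the procfs path (used for testing).
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Print one line per problem found in the config; print nothing if clean.
check_conf() {    # usage: check_conf FILE
    conf=$1
    dir=$(dirname "$conf")
    key=$(conf_get "$conf" secret)
    jail=$(conf_get "$conf" chroot)
    usr=$(conf_get "$conf" user)
    grp=$(conf_get "$conf" group)

    # Assumption: relative key paths are resolved from the config's directory.
    case "$key" in
        "")  echo "no secret directive" ;;
        /*)  key_is_private "$key" || echo "key missing or readable by others: $key" ;;
        *)   key_is_private "$dir/$key" || echo "key missing or readable by others: $dir/$key" ;;
    esac
    if [ -n "$jail" ] && [ ! -d "$jail" ]; then echo "chroot directory missing: $jail"; fi
    if [ -n "$usr" ] && ! id -u "$usr" >/dev/null 2>&1; then echo "user missing: $usr"; fi
    if [ -n "$grp" ] && ! grep -q "^$grp:" /etc/group; then echo "group missing: $grp"; fi
    return 0
}
```

Run `check_conf /etc/openvpn/server1.conf` and `forwarding_enabled` on each end before starting the tunnel; no output from the first and a zero exit status from the second mean the checks passed.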
Once the connections are established, it’s probably worth having some routing info pushed to each server. For simple routing you can uncomment the route option in the configs above. For more advanced routing it’s worth installing Quagga.
I’ll need to update this with better details on what the configs do. But that’ll get it running in a simple setup.