OpenVPN
(category) |
(→N9 HARMATTAN) |
||
(4 intermediate revisions not shown) | |||
Line 1: | Line 1: | ||
- | This page describes setting up openVPN | + | This page describes setting up openVPN |
+ | |||
+ | = On N8x0 = | ||
+ | |||
+ | [[ToDo]] | ||
+ | |||
+ | = On [[Nokia N900|N900]] / Maemo = | ||
== Server Setup == | == Server Setup == | ||
Line 28: | Line 34: | ||
The applet will pickup any .conf files in that directory. | The applet will pickup any .conf files in that directory. | ||
+ | |||
+ | = N9 HARMATTAN = | ||
+ | |||
+ | Install it from N9Qt | ||
+ | |||
+ | * http://wiki.maemo.org/N9QTweak | ||
+ | |||
+ | |||
+ | == Env variables == | ||
+ | |||
+ | Will be used in Client and Server side | ||
+ | |||
+ | domain="www.$USER.tld" # must be adapted to your public DNS record | ||
+ | server_inet="0.0.0.0" # must be adapted to your public inet IP | ||
+ | port="80" # 80 is prefered to pass firewall or 443 ? | ||
+ | dev="tun2" | ||
+ | server="10.9.8.254" # can be changed | ||
+ | client="10.9.8.1" # can be changed too | ||
+ | conf="/etc/openvpn/$domain.conf" | ||
+ | key="/etc/openvpn/$domain.key" | ||
+ | |||
+ | == Server Side : == | ||
+ | |||
+ | sudo mkdir -p /etc/openvpn | ||
+ | sudo openvpn --genkey --secret "$key" | ||
+ | |||
+ | cat<<EOF | sudo tee "$conf" | ||
+ | dev $dev | ||
+ | port $port | ||
+ | ifconfig $server $client | ||
+ | secret $key | ||
+ | EOF | ||
+ | |||
+ | Launch it by hand or with service : | ||
+ | |||
+ | sudo openvpn --config "$conf" --verb 6 | ||
+ | |||
+ | |||
+ | == Client Side : == | ||
+ | |||
+ | Copy Key and configure it : | ||
+ | |||
+ | sudo mkdir -p /etc/openvpn | ||
+ | ssh -t $domain \ | ||
+ | 'sudo cat /etc/openvpn/$domain.key' \ | ||
+ | | sudo dd of="/etc/openvpn/$domain.key" | ||
+ | |||
+ | cat<<EOF | sudo tee "$conf" | ||
+ | remote $domain | ||
+ | dev $dev | ||
+ | port $port | ||
+ | ifconfig $client $server | ||
+ | secret $key | ||
+ | persist-tun | ||
+ | nobind | ||
+ | EOF | ||
+ | |||
+ | Then launch it | ||
+ | |||
+ | $sudo /usr/sbin/openvpn --script-security 2 --config $conf --verb 6 | ||
+ | |||
+ | |||
+ | == More == | ||
+ | |||
+ | FeedBack welcome at : | ||
+ | |||
+ | http://talk.maemo.org/showthread.php?t=89703&highlight=OpenVPN&page=2 | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | [[Category:Software]] | ||
+ | [[Category:HowTo]] | ||
[[Category:Software]] | [[Category:Software]] | ||
[[Category:HowTo]] | [[Category:HowTo]] |
Latest revision as of 09:46, 2 November 2014
This page describes setting up openVPN
Contents |
[edit] On N8x0
[edit] On N900 / Maemo
[edit] Server Setup
The server should be setup like so:
http://openvpn.net/index.php/open-source/documentation/howto.html
udp is better than tcp if you can use it. If your client is likely to be behind firewalls then tcp is more likely to work.
Consider whether compression is useful - if you're transferring media or using ssh tunnels then it may not gain much.
If you need access to a nameserver on your LAN you'll need this in the server.conf:
push "dhcp-option DNS 10.0.0.7" push "dhcp-option DOMAIN dgreaves.com"
[edit] Client Setup
You'll need the openVPN client and the openVPN applet
Create a matching client setup conf and copy it together with the client certificate, key and the ca file to the /etc/openvpn/
directory on the device.
The client.conf may need:
# Allow scripts to be run script-security 2 # and update the config when a route changes up /etc/openvpn/maemo-update-resolvconf plugin /opt/openvpn/lib/openvpn/openvpn-down-root.so "script_type=down /etc/openvpn/maemo-update-resolvconf"
The applet will pickup any .conf files in that directory.
[edit] N9 HARMATTAN
Install it from N9Qt
[edit] Env variables
Will be used in Client and Server side
domain="www.$USER.tld" # must be adapted to your public DNS record server_inet="0.0.0.0" # must be adapted to your public inet IP port="80" # 80 is prefered to pass firewall or 443 ? dev="tun2" server="10.9.8.254" # can be changed client="10.9.8.1" # can be changed too conf="/etc/openvpn/$domain.conf" key="/etc/openvpn/$domain.key"
[edit] Server Side :
sudo mkdir -p /etc/openvpn sudo openvpn --genkey --secret "$key"
cat<<EOF | sudo tee "$conf" dev $dev port $port ifconfig $server $client secret $key EOF
Launch it by hand or with service :
sudo openvpn --config "$conf" --verb 6
[edit] Client Side :
Copy Key and configure it :
sudo mkdir -p /etc/openvpn ssh -t $domain \ 'sudo cat /etc/openvpn/$domain.key' \ | sudo dd of="/etc/openvpn/$domain.key"
cat<<EOF | sudo tee "$conf" remote $domain dev $dev port $port ifconfig $client $server secret $key persist-tun nobind EOF
Then launch it
$sudo /usr/sbin/openvpn --script-security 2 --config $conf --verb 6
[edit] More
FeedBack welcome at :
http://talk.maemo.org/showthread.php?t=89703&highlight=OpenVPN&page=2
- This page was last modified on 2 November 2014, at 09:46.
- This page has been accessed 14,457 times.