openvpn client setup

poc | server | client | server-2fa | client-2fa

testing env architecturetesting env architecture

see openvpn-poc

installinstall

apt install openvpn lynx net-tools mtr tcpdump
# openvpn-systemd-resolved

systemctl list-unit-files | grep openvpn
systemctl disable openvpn.service --now

generate the certsgenerate the certs

see sslhappy-ca-easy

setupsetup

cd /etc/openvpn/
rmdir client/
rmdir server/

# /usr/lib/systemd/system/openvpn-client@.service
ln -s . client

openvpn --show-ciphers | grep AES

cp -pi /usr/share/doc/openvpn/examples/sample-config-files/client.conf client.conf.dist
grep -vE '^#|^;|^$' client.conf.dist > client.conf.clean
# new file
vi client.conf

client
dev tun
proto tcp4
remote openvpn-server 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert openvpn-client.crt
key openvpn-client.key
remote-cert-tls server
cipher AES-128-GCM
verb 1
route 10.7.7.0 255.255.255.0 10.6.6.5

ready to goready to go

nmap -sV -p 443 openvpn-server -T5
openvpn --config client.conf

acceptanceacceptance

ping 10.7.7.1

resourcesresources

https://wiki.debian.org/OpenVPN


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Licensed under MIT