openvpn client setup

poc | server | client | server-2fa | client-2fa

testing env architecture

see openvpn-poc

install

apt install openvpn lynx net-tools mtr tcpdump
    # openvpn-systemd-resolved

    systemctl list-unit-files | grep openvpn
    systemctl disable openvpn.service --now

generate the certs

see sslhappy-ca-easy

setup

cd /etc/openvpn/
rmdir client/
rmdir server/

# /usr/lib/systemd/system/openvpn-client@.service
ln -s . client

openvpn --show-ciphers | grep AES

cp -pi /usr/share/doc/openvpn/examples/sample-config-files/client.conf client.conf.dist
grep -vE '^#|^;|^$' client.conf.dist > client.conf.clean
# new file
vi client.conf

client
dev tun
proto tcp4
remote openvpn-server 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert openvpn-client.crt
key openvpn-client.key
remote-cert-tls server
cipher AES-128-GCM
verb 1
route 10.7.7.0 255.255.255.0 10.6.6.5

ready to go

    nmap -sV -p 443 openvpn-server -T5
openvpn --config client.conf

acceptance

ping 10.7.7.1

resources

https://wiki.debian.org/OpenVPN


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2024 Pierre-Philipp Braun