Home » Posts tagged 'OpenVPN'

Tag Archives: OpenVPN

OpenVPN on www.digitalocean.com CentOS VPS

Installation is easy using the procedure stated on their knowledge base:

http://goo.gl/qmtEm

Some things to be aware off:

After you follow the setup, you would be able to access only the VPS.

To route all traffic from the vpn clients through the tunnel to the internet, you have to make changes to the OpenVPN server configuration:

Change the default route of the vpn clients, uncomment the following line in the server configuration:
push "redirect-gateway def1"

Push DNS to the clients, in this example Google’s Open DNS is used:
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

Changes have to be done to the iptables rule to route traffic from the tunnel to the Internet:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24-o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -j SNAT --to-source xxx.xxx.xxx.xxx

Where xxx.xxx.xxx.xxx is the public ip address of the VPS.

Change the client configuration file to point to the files, instead of copying the content of the certificates to the the client configuration (ovpn files).

Reference:
http://www.servermom.com/how-to-build-openvpn-server-on-centos-6-x/732/

Advertisements

Notas sobre OpenVPN en Windows Server 2012

Descargar el instalable que se indica en esta guía, porque contiene el easy-rsa y OpenSSL:
https://community.openvpn.net/openvpn/wiki/Easy_Windows_Guide

Para poder rutear todo el trafico de los clientes por el tunel, hay que habilitar el NAT en el servidor:
https://community.openvpn.net/openvpn/wiki/NatOverWindows2008

Para poder instalar el Remote Access en Windows Server 2012 hay que instalar varios features. Para poder encontrar donde esta la opcion de Configure and Enable Routing and Remote Access, usar esta guía…
http://daviwa.blogspot.com/2012/11/windows-server-2012-enable-rras-as-nat.html