Open VPN install on Ubuntu 16

The following tutorial covers this in depth, so I recommend just following it: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04

The only extra items I did were:

  • Created rules on the Netgear router to port-forward 1194 (the default OpenVPN port) to comeragh
  • Changed the protocol from udp to tcp; this is in 2 or 3 places across the configs, nothing major
  • Generated client files named after the person using them rather than calling them client1
  • Added DNS to the config: sudo vi /etc/openvpn/server.conf and added two lines: push "dhcp-option DNS 10.91.100.71" and push "dhcp-option DNS 10.5.5.50". This forces the DNS servers so they do not have to be set on the client manually

I encountered one issue, however: the VPN would connect using Tunnelblick on Mac, but the public IP did not change. I followed the troubleshooting guide here: https://tunnelblick.net/cConnectedBut.html The resolution was to edit the /etc/openvpn/server.conf file and uncomment this line: push "redirect-gateway def1 bypass-dhcp"

VPN Program for Mac

Generating New VPN Certs

  • ssh to the VPN server
  • cd ~/openvpn-ca
  • source vars
  • ./build-key-pass firstname_lastname
  • # Give them a good password (PEM passphrase). You can just press enter for everything else except the email: change it to their email. Do not set a challenge password, just press enter.
  • # When asked to sign, press y and enter; when asked to commit, press y and enter
  • # If an error mentioning the db appears, the user already exists, so give them a different name such as firstname_lastname_1
  • # If successful it should say: Write out database with 1 new entries, followed by Data Base Updated
  • cd ~/client-configs
  • ./make_config.sh firstname_lastname
  • # The .ovpn file should be located in ~/client-configs/files

Revoking VPN Certs

  • cd ~/openvpn-ca
  • source vars
  • ./revoke-full their_user
  • sudo cp ~/openvpn-ca/keys/crl.pem /etc/openvpn
  • sudo systemctl restart openvpn@server
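
The server.conf changes listed earlier (tcp, the two pushes) and the revocation steps above only take effect if the matching directives are active in the file, so here is an added example, not part of the original notes, that audits a config read from stdin. The names audit_server_conf and sample_conf are illustrative, the sample config is constructed, and the revocation check assumes the server loads the copied crl.pem through OpenVPN's crl-verify directive, which these notes do not show.

```shell
#!/bin/sh
# Added example (not from the original page): audit an OpenVPN server.conf,
# read from stdin, for the settings this page depends on.
# Prints one FINDING line per problem; returns 1 if there were any, else 0.
audit_server_conf() {
    # Active directives only: trim leading blanks, drop '#'/';' comments and empty lines.
    lines=$(sed -e 's/^[[:space:]]*//' -e '/^[#;]/d' -e '/^$/d')
    rc=0
    has() { printf '%s\n' "$lines" | grep -Eq -e "$1"; }
    finding() { echo "FINDING: $1"; rc=1; }

    # Curly quotes pasted from a wiki or word processor are not OpenVPN quoting.
    if printf '%s\n' "$lines" | grep -q -e '“' -e '”'; then
        finding 'curly quotes in an active line; retype them as plain "'
    fi
    # The page switched the tunnel to TCP; server and client configs must agree.
    has '^proto[[:space:]]+tcp' || finding 'proto is not tcp'
    # Without this push, clients connect but keep their own default route.
    has '^push[[:space:]]+"redirect-gateway[[:space:]]+def1' ||
        finding 'redirect-gateway def1 is not pushed'
    # Without a DNS push, clients keep their local resolvers.
    has '^push[[:space:]]+"dhcp-option[[:space:]]+DNS[[:space:]]+[^"[:space:]]+"' ||
        finding 'no DNS server is pushed'
    # Copying crl.pem to /etc/openvpn only matters if the server loads it
    # (assumption: via the crl-verify directive).
    has '^crl-verify[[:space:]]+[^[:space:]]' ||
        finding 'crl-verify is not set; revoked certificates are still accepted'
    return "$rc"
}

# Constructed sample input: the state before the page's fixes, with the DNS
# line pasted with curly quotes.
sample_conf() {
    cat <<'EOF'
port 1194
proto udp
;push "redirect-gateway def1 bypass-dhcp"
push “dhcp-option DNS 10.91.100.71”
EOF
}

sample_conf | audit_server_conf || true
```

To check the live file, run audit_server_conf < /etc/openvpn/server.conf after each change and again after the restart in the revocation steps.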

Revoking Google auth

  • cd /usr/local/openvpn_as/scripts
  • sudo ./confdba -u -m -k pvt_google_auth_secret_locked -v false -p username
databaseandnetworkmanagement/open_vpn_install.txt · Last modified: 2021/06/25 10:09 by 127.0.0.1