Created
November 18, 2010 12:13
-
-
Save mallipeddi/704908 to your computer and use it in GitHub Desktop.
OpenVPN setup - server on Ubuntu & Tunnelblick on OS X (Snow Leopard)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install openvpn | |
| sudo apt-get install -y openvpn | |
| # NAT 192.168.99.1/2 subnet <-> eth0 (interface on server) | |
| sudo modprobe iptable_nat | |
| echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward | |
| sudo iptables -t nat -A POSTROUTING -s 192.168.99.1/2 -o eth0 -j MASQUERADE | |
| # generate secret key; scp this key to the client later | |
| sudo openvpn --genkey --secret ovpn.key | |
| # add server config (see openvpn.conf gist) | |
| # start/stop openvpn server | |
| sudo /etc/init.d/openvpn { start | stop | restart } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # OpenVPN server config (tested on Ubuntu) | |
| # | |
| port 8080 | |
| proto tcp-server | |
| dev tun1 | |
| # 192.168.99.1 is the local ip; 192.168.99.2 is the remote IP | |
| ifconfig 192.168.99.1 192.168.99.2 | |
| # logging | |
| status /var/log/openvpn.log | |
| verb 3 | |
| secret /etc/openvpn/ovpn.key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Tunnelblick 3.0.0 OpenVPN client-side config; place this under ~/Library/Application Support/Tunnelblick/Configurations | |
| # | |
| dev tun1 | |
| proto tcp-client | |
| remote <your-vpn-server> 8080 | |
| resolv-retry infinite | |
| nobind | |
| persist-key | |
| persist-tun | |
| # scp the key file from server & put it in ~/Library/Application Support/Tunnelblick/Configurations | |
| secret yourkeyfile.key | |
| # verbose level | |
| verb 3 | |
| # upon successful connection, automatically add a default route to route all traffic to the tun | |
| # upon termination of vpn connection, restore the original default route | |
| redirect-gateway def1 | |
| # 192.168.99.2 is the local address; 192.168.99.1 is the remote address. | |
| ifconfig 192.168.99.2 192.168.99.1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment