Difference between revisions of "Install openvpn in Ubuntu 14.04"

From MyWiki
Line 23: Line 23:
 
'''Next we will add additional ufw rules for network address translation and IP masquerading of connected clients.'''<br>
 
'''Next we will add additional ufw rules for network address translation and IP masquerading of connected clients.'''<br>
 
vim /etc/ufw/before.rules<br>
 
vim /etc/ufw/before.rules<br>
 +
Add the below to top of file :<br>
 +
<source lang="text">
 +
# START OPENVPN RULES
 +
# NAT table rules
 +
*nat
 +
:POSTROUTING ACCEPT [0:0]
 +
# Allow traffic from OpenVPN client to eth0
 +
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
 +
COMMIT
 +
# END OPENVPN RULES
 +
 +
</source>
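Review bot: the source match `-s 10.8.0.0/8` in the added POSTROUTING rule is much wider than a VPN client pool. With a /8 mask it matches every 10.x.x.x address, so any 10.0.0.0/8 traffic forwarded out eth0 is masqueraded, not only OpenVPN clients. Narrow it to the subnet given on the `server` line of /etc/openvpn/server.conf. The outbound interface is also hard-coded as `eth0`, so the instruction should tell the reader to substitute the host's actual external interface. Finally, "top of file" is ambiguous: say that the block goes above the existing `*filter` line, so it is not pasted inside another table.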

Revision as of 15:36, 25 July 2016

Reference - https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04
apt-get update
apt-get install openvpn easy-rsa
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
vim /etc/openvpn/server.conf
Edit dh1024.pem to say:
dh2048.pem
Uncomment push "redirect-gateway def1 bypass-dhcp" so the VPN server passes on clients' web traffic to its destination.
Uncomment push "dhcp-option DNS 208.67.222.222" and push "dhcp-option DNS 208.67.220.220".
The DNS servers should be configured in the client's DNS settings as well.
Uncomment both user nobody and group nogroup.

Packet Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
In sysctl.conf, uncomment the line below:
net.ipv4.ip_forward=1

Firewall stuff
ufw allow 1194/udp
vim /etc/default/ufw
Change DROP to ACCEPT:
DEFAULT_FORWARD_POLICY="ACCEPT"

Next we will add additional ufw rules for network address translation and IP masquerading of connected clients.
vim /etc/ufw/before.rules
Add the following to the top of the file:

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0] 
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
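
An added check for the procedure above (not part of the original wiki page or the referenced tutorial): it audits the four edited files and reports every step that is not in effect, treating lines disabled with `;` or `#` as unset. The function names and the argument order are assumptions of this example.

```shell
#!/bin/sh
# Added example. Usage (paths as used on this page):
#   sh audit.sh /etc/openvpn/server.conf /etc/default/ufw \
#               /etc/ufw/before.rules /etc/sysctl.conf

# active REGEX FILE: true if FILE has an uncommented line starting with REGEX.
# Lines the sample server.conf disables with ';' or '#' do not match.
active() {
    grep -Eq -- "^[[:space:]]*$1" "$2"
}

# nat_masquerade FILE: true only if a MASQUERADE rule sits between '*nat' and
# its COMMIT; the same rule pasted into another table does not count.
nat_masquerade() {
    awk '/^\*nat/ { t = 1 }
         t && /^-A POSTROUTING .*-j MASQUERADE/ { ok = 1 }
         /^COMMIT/ { t = 0 }
         END { exit !ok }' "$1"
}

# audit_openvpn SERVER_CONF UFW_DEFAULT BEFORE_RULES SYSCTL_CONF
# Prints one line per step not in effect; exit status = number of findings.
audit_openvpn() {
    conf=$1; ufw=$2; rules=$3; sysctl=$4; findings=0
    miss() { echo "NOT SET: $1"; findings=$((findings + 1)); }

    active 'dh[[:space:]]+dh2048\.pem' "$conf" || miss 'dh dh2048.pem'
    active 'push[[:space:]]+"redirect-gateway def1 bypass-dhcp"' "$conf" \
        || miss 'push "redirect-gateway def1 bypass-dhcp"'
    active 'push[[:space:]]+"dhcp-option DNS ' "$conf" \
        || miss 'push "dhcp-option DNS ..."'
    active 'user[[:space:]]+nobody' "$conf" || miss 'user nobody'
    active 'group[[:space:]]+nogroup' "$conf" || miss 'group nogroup'
    active 'DEFAULT_FORWARD_POLICY="ACCEPT"' "$ufw" \
        || miss 'DEFAULT_FORWARD_POLICY="ACCEPT"'
    active 'net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' "$sysctl" \
        || miss 'net.ipv4.ip_forward=1'
    nat_masquerade "$rules" || miss 'MASQUERADE rule inside the *nat table'
    return "$findings"
}

# Run the audit only when the four paths are given on the command line.
if [ "$#" -eq 4 ]; then audit_openvpn "$@"; fi
```
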