OpenVPN: IPv4 /32 multi-client
Revision as of 06:38, 17 February 2019 by Onnowpurbo (talk | contribs)
sumber: https://www.ostechnix.com/easiest-way-install-configure-openvpn-server-linux/
Topology
CLIENT 1 ------- HOST A ---------------- HOST B ovpn server ovpn client
HOST C ovpn client
Host A akan berfungsi sebagai OpenVPN Server.
OS : Ubuntu 18.04 IP : 192.168.0.239/24 hostname : vpnserver
Host B akan berfungsi sebagai OpenVPN client
OS : Ubuntu 18.04
Host C akan berfungsi sebagai OpenVPN client
OS : Ubuntu 18.04
Buat Client Config di Server
Konfigurasi client dibuat di server menggunakan
cd /usr/local/src/ bash openvpn-install.sh
Keluar
Looks like OpenVPN is already installed. What do you want to do? 1) Add a new user 2) Revoke an existing user 3) Remove OpenVPN 4) Exit Select an option [1-4]:
Pilih 1 dan akan dibuatkan config untuk client2 dst. File ini ada di /root/client2.ovpn.
Copykan file tersebut ke client.
Konfigurasi OpenVPN Client
Pastikan openvpn terinstalsi
sudo su apt install openssh-server openvpn
Edit /etc/hosts isi dengan nama OpenVPN server
192.168.0.239 vpnserver
Jalankan OpenVPN client
cd ~ sudo su openvpn --config client2.ovpn
Akan keluar kira-kira
.. .. Sat Feb 16 08:24:45 2019 TUN/TAP device tun0 opened Sat Feb 16 08:24:45 2019 TUN/TAP TX queue length set to 100 Sat Feb 16 08:24:45 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Sat Feb 16 08:24:45 2019 /sbin/ip link set dev tun0 up mtu 1500 Sat Feb 16 08:24:45 2019 /sbin/ip addr add dev tun0 10.8.0.2/24 broadcast 10.8.0.255 Sat Feb 16 08:24:45 2019 /sbin/ip route add 192.168.0.239/32 dev enp0s3 Sat Feb 16 08:24:45 2019 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1 Sat Feb 16 08:24:45 2019 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1 Sat Feb 16 08:24:45 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Sat Feb 16 08:24:45 2019 Initialization Sequence Completed
Cek interface, akan muncul tun0
ifconfig
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.8.0.3 netmask 255.255.255.0 destination 10.8.0.2 inet6 fe80::28c4:3e38:2497:e12a prefixlen 64 scopeid 0x20<link> unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 51 bytes 11522 (11.5 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 134 bytes 43524 (43.5 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Cek sambungan
ping -c3 10.8.0.1
Sample output:
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=0.539 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=1.17 ms 64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=0.921 ms --- 10.8.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2007ms rtt min/avg/max/mdev = 0.539/0.878/1.176/0.264 ms
Cek routing
route -n
Sample output
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tun0
Anda sudah tersambung ke VPN dengan IP 10.8.0.0/24
Referensi
- https://www.ostechnix.com/easiest-way-install-configure-openvpn-server-linux/
- https://www.itsfullofstars.de/2018/09/openvpn-assign-static-ip-to-client/