OpenVPN: IPv4 /32 single client

From OnnoWiki
Jump to navigation Jump to search

sumber: https://www.ostechnix.com/easiest-way-install-configure-openvpn-server-linux/


Topology

CLIENT 1 ------- HOST A ---------------- HOST B --------- CLIENT 2
                 ovpn server             ovpn client



Host A akan berfungsi sebagai OpenVPN Server.

OS : Ubuntu 18.04
IP : 192.168.0.239/24
hostname : vpnserver


Host B akan berfungsi sebagai OpenVPN client

OS : Ubuntu 18.04
IP : 192.168.0.237/24

Instal & Konfigurasi OpenVPN Server

Download script openvpn-install dari github

sudo su
apt install openssh-server openvpn

cd /usr/local/src
wget https://git.io/vpn -O openvpn-install.sh
bash openvpn-install.sh

Jawab pertanyaan:

IP address: 192.168.0.239
Public IP address / hostname: vpnserver
Protocol [1-2]: 1 -- UDP
Port: 1194
DNS [1-5]: 1
Client name: client
Press any key to continue...  <ENTER>

Maka akan tampak file client.ovpn, di

/root/client.ovpn

Copykan ke client

scp client.ovpn root@192.168.0.237:/etc/openvpn/

Konfigurasi OpenVPN Client

Pastikan openvpn terinstalsi

apt install openssh-server openvpn

Jalankan OpenVPN client

cd ~
sudo su
openvpn --config client.ovpn

Sample output:

Now, check if tun0(VPN interface) is created, and check the VPN interface IP address using ‘ip addr’ command:

ip addr

Sample output:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 inet 127.0.0.1/8 scope host lo
 valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host 
 valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP  qlen 1000
 link/ether 08:00:27:28:98:6b brd ff:ff:ff:ff:ff:ff
 inet 192.168.43.199/24 brd 192.168.43.255 scope global dynamic enp0s3
 valid_lft 42359sec preferred_lft 42359sec
 inet6 fe80::a00:27ff:fe28:986b/64 scope link 
 valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
 link/none 
 inet 10.8.0.2/24 brd 10.8.0.255 scope global tun0
 valid_lft forever preferred_lft forever

As you can see in the above output, Our VPN server automatically assigned an IP address 10.8.0.2 to the VPN client.

Now, try to ping the VPN server from your VPN client system:

ping -c3 10.8.0.1

Sample output:

PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=1.05 ms
64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=1.94 ms
64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=2.49 ms

--- 10.8.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 1.057/1.832/2.495/0.594 ms

Congratulations! We have now successfully installed and configured OpenVPN server and client in CentOS. This method is same for DEB based systems such as Ubuntu and Linux Mint. Unlike the manual installation, this script makes the the openvpn installation and configuration much easier.

Cheers!

Referensi

Pranala Menarik