@WaaromZoMoeilijk
Last active August 6, 2016 19:51
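# Run as root: everything below writes under /etc/openvpn.
ROUTER="192.168.1.1" # Your router's IP address
IP="192.168.1.143" # Your Raspberry Pi's IP address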
sudo apt-get install openvpn -y
cd /etc/openvpn
git clone https://github.com/OpenVPN/easy-rsa.git
cd easy-rsa
git checkout 2.2.2
sed -i 's|`pwd`|/etc/openvpn/easy-rsa|g' /etc/openvpn/easy-rsa/vars
source ./vars
./clean-all
./build-ca
./build-key-server Pi
./build-key-pass User1
cd keys
openssl rsa -in User1.key -des3 -out User1.3des.key
cd ..
./build-dh
openvpn --genkey --secret keys/ta.key
cat <<-CONF > /etc/openvpn/server.conf
local $IP # SWAP THIS NUMBER WITH YOUR RASPBERRY PI IP ADDRESS
dev tun
proto udp #Some people prefer to use tcp. Don't change it if you don't know.
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/Pi.crt # SWAP WITH YOUR CRT NAME
key /etc/openvpn/easy-rsa/keys/Pi.key # SWAP WITH YOUR KEY NAME
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0"
# your local subnet
push "route ${IP%.*}.0 255.255.255.0" # Network address of the Pi's /24 LAN, derived from IP above
# Set primary domain name server address to the SOHO Router
# If your router does not do DNS, you can use Google DNS 8.8.8.8
push "dhcp-option DNS $ROUTER" # This should match your router's IP address.
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
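# Let VPN clients reach each other through the server
client-to-client
# Allow several clients to connect at once with the same certificate/common
# name. Remove this line when every client has its own certificate.
duplicate-cn
keepalive 10 120
# HMAC-sign TLS handshake packets with the shared key (direction 0 = server)
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
# LZO compression; the client config must enable it too
comp-lzo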
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
log /var/log/openvpn.log
verb 1
CONF