Difference between revisions of "VPNLinux"
(New page: == VPN Client - Linux == The VPN client for Linux comes with the OpenVPN. It's invoked with a script. This is the script to use (replacing XYZ for the nickname of the HDA you are trying ...) |
|||
(19 intermediate revisions by 5 users not shown) | |||
Line 3: | Line 3: | ||
The VPN client for Linux comes with the OpenVPN. It's invoked with a script. | The VPN client for Linux comes with the OpenVPN. It's invoked with a script. | ||
− | + | Save this script to a file called myvpn.conf. It should be saved in your users home folder (eg /home/joe). Replacing XYZ for the nickname of the HDA you are trying to connect to: | |
<pre><nowiki> | <pre><nowiki> | ||
Line 14: | Line 14: | ||
persist-key | persist-key | ||
persist-tun | persist-tun | ||
− | ca ca | + | ca ca.crt |
− | cert | + | cert Amahi-Client-OpenVPN.crt |
− | key | + | key Amahi-Client-OpenVPN.key |
comp-lzo | comp-lzo | ||
verb 3 | verb 3 | ||
auth-user-pass | auth-user-pass | ||
</nowiki></pre> | </nowiki></pre> | ||
+ | |||
+ | Be sure to also have a copy of the certificate files using the same names as the ''ca'', ''cert'', and ''key'' lines above: | ||
+ | |||
+ | The next step is to download the certificates. They can be found on the [[OpenVPN Client Certificates]] download page. Save them in your /home/username folder (where ''username'' is your main users name). | ||
+ | |||
+ | Then, as root, run the openvpn client software: | ||
+ | |||
+ | <pre><nowiki> | ||
+ | cd /home/username | ||
+ | openvpn --config myvpn.conf | ||
+ | </nowiki></pre> | ||
+ | |||
+ | Many messages should scroll by on your terminal screen and you should be requested for your username and password. Enter your HDA username here. | ||
+ | |||
+ | If you'd like to connect to the VPN without having to enter your username and password, here's what you need to do: | ||
+ | Create a file named ''credentials'' in the same directory as the above scripts. In it, write your username on the first line, and your password on the second line. Make it readable only by root: | ||
+ | |||
+ | <pre><nowiki> | ||
+ | sudo chown root:root credentials; sudo chmod 600 credentials | ||
+ | </nowiki></pre> | ||
+ | |||
+ | Then, as root, run the openvpn client software like this, instead of using the above commands: | ||
+ | |||
+ | <pre><nowiki> | ||
+ | cd /home/username | ||
+ | openvpn --config myvpn.conf --auth-user-pass credentials | ||
+ | </nowiki></pre> | ||
+ | |||
+ | Finally, if you'd like your VPN clients to get IP addresses in the same subnet as your HDA, and not in the 10.8.0.0/24 subnet (default), read this page: [[VPN Bridging]]. | ||
+ | |||
+ | [[Category: VPN]] |
Latest revision as of 14:06, 28 February 2017
VPN Client - Linux
The VPN client for Linux comes with the OpenVPN. It's invoked with a script.
Save this script to a file called myvpn.conf. It should be saved in your users home folder (eg /home/joe). Replacing XYZ for the nickname of the HDA you are trying to connect to:
remote XYZ.yourhda.com 1194 client dev tun proto udp resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert Amahi-Client-OpenVPN.crt key Amahi-Client-OpenVPN.key comp-lzo verb 3 auth-user-pass
Be sure to also have a copy of the certificate files using the same names as the ca, cert, and key lines above:
The next step is to download the certificates. They can be found on the OpenVPN Client Certificates download page. Save them in your /home/username folder (where username is your main users name).
Then, as root, run the openvpn client software:
cd /home/username openvpn --config myvpn.conf
Many messages should scroll by on your terminal screen and you should be requested for your username and password. Enter your HDA username here.
If you'd like to connect to the VPN without having to enter your username and password, here's what you need to do: Create a file named credentials in the same directory as the above scripts. In it, write your username on the first line, and your password on the second line. Make it readable only by root:
sudo chown root:root credentials; sudo chmod 600 credentials
Then, as root, run the openvpn client software like this, instead of using the above commands:
cd /home/username openvpn --config myvpn.conf --auth-user-pass credentials
Finally, if you'd like your VPN clients to get IP addresses in the same subnet as your HDA, and not in the 10.8.0.0/24 subnet (default), read this page: VPN Bridging.