from small one page howto to huge articles all in one place
 

search text in:




Other .linuxhowtos.org sites: www.linuxhowtos.org
toolsntoys.linuxhowtos.org



Last additions:
How to make X listen on port 6000

How to make X listen on port 6000

words:

34

views:

41794

userrating:

average rating: 1.5 (4 votes) (1=very good 6=terrible)


May, 25th 2007:
April, 26th 2007:
Apr, 10th. 2007:
Druckversion . pdf icon
You are here: Tutorials per portage category->net-misc->openvpn

OpenVPN primer


There are as many advantages to VPN tunnels as there are different VPN scenarios. One easy implementation is the "OpenVPN via tun-device" solution. An example: you'd like to connect your laptop to your LAN at home so that you can use your mail client without reconfiguring it anytime you switch from home to internet and back. Let's say your mail-server is 192.168.1.10 in your LAN (192.168.1.0/24) at home, and you have got a router/firewall providing access to the Internet. You connect from work or school and want to read mail. OpenVPN can create two virtual devices for you when connecting two computers through an encrypted tunnel. Naturally you then have the possibility of forwarding traffic into the networks behind them, and thus would be "virtually connected" to your LAN behind the firewall. To enable this, either your firewall or a server behind it should run OpenVPN (if you choose a server in your LAN, you'll have to forward the destination port to the OpenVPN server).

Here's what you need to do:
Code Listing 1: Enable the tun module in your kernel: Kernel config - tun module
          [*] Networking support    
Networking options --->
[ ] Amateur Radio support --->
< > IrDA (infrared) subsystem support --->
< > Bluetooth subsystem support --->
[*] Network device support
< > Dummy net driver support
< > Bonding driver support
< > EQL (serial line load balancing) support
Universal TUN/TAP device driver support
// This option must be enabled


Make sure this module exists and can be loaded. Next, install OpenVPN and it dependencies.
Code Listing 2: Install OpenVPN
emerge openvpn

Now on both server and client, create a directory for your configuration:

Code Listing 3: Make directory
mkdir /etc/openvpn    
mkdir /etc/openvpn/myhomelan


Inside that directory, create a shared key for your VPN session and copy that key to the client's directory, /etc/openvpn/myhomelan.

Code Listing 4: Generate shared key
cd /etc/openvpn/myhomelan    
openvpn --genkey --secret myhomelan-key.txt


Now for the tricky part, the routing. It is important that the two tun devices on the client and server use IP addresses from the same subnet. The configuration files shown below list the type of device, the two end-points of the tunnel, the compression method and the UDP-port on which the tunnel is established. Finally privileges are dropped to user and group as listed:

Code Listing 5: Server-side configuration file /etc/openvpn/myhomelan/local.conf
dev tun    
ifconfig 172.16.1.1 172.16.1.20 // IP of the local
// tun device and its peer
secret /etc/openvpn/myhomelan/myhomelan-key.txt
comp-lzo
port 5000
user nobody
group nobody


The client's configuration needs the tunnel's destination address. This is often a dynamic DNS address, sometimes a fixed IP, depending on your ISP. You also need to route to your home LAN (192.168.1.0 in our example). You can call a shell script from the configuration file that accordingly sets a route.

Code Listing 6: Client-side configuration file /etc/openvpn/myhomelan/local.conf
remote    // or your VPN 
// server's external IP if you have a fixed one
dev tun
ifconfig 172.16.1.20 172.16.1.1 // IP of the local tun
// device and its peer
secret /etc/openvpn/myhomelan/myhomelan-key.txt
comp-lzo
port 5000
user nobody
group nobody
up /etc/openvpn/myhomelan/route.sh // sets up the route
//to the network behind the VPN server


The route command would need to set the client's gateway for the network 192.168.1.0 to its peer's address (172.16.1.1 in our setup).

Code Listing 7: /etc/openvpn/myhomelan/route.sh
#!/bin/bash    
route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.16.1.1


That's it. Start OpenVPN on the server and the client, and check the devices with ifconfig and the routes with route -n. Success!

From http://www.gentoo.org/news/en/gwn/20041011-newsletter.xml
rate this article:
current rating: average rating: 2.4 (16 votes) (1=very good 6=terrible)
Your rating:
Very good (1) Good (2) ok (3) average (4) bad (5) terrible (6)

back



Other free services
toURL.org
Shorten long
URLs to short
links like
http://tourl.org/2
tourl.org
.
Reverse DNS lookup
Find out which hostname(s)
resolve to a
given IP or other hostnames for the server
www.reversednslookup.org

New Packages

- as rdf newsfeed
- as rss newsfeed
- as Atom newsfeed
2018-07-22
abrt - 2.10.10-r2
Ebuild name:

app-admin/abrt-2.10.10-r2

Description

Automatic bug detection and reporting tool

Added to portage

2018-07-22

alot - 0.7-r1
Ebuild name:

mail-client/alot-0.7-r1

Description

Experimental terminal UI for net-mail/notmuch written in Python

Added to portage

2018-07-22

catalyst - 3.0.2
Ebuild name:

dev-util/catalyst-3.0.2

Description

Release metatool used for creating releases based on Gentoo Linux

Added to portage

2018-07-22

chromium - 68.0.3440.68
Ebuild name:

www-client/chromium-68.0.3440.68

Description

Open-source version of Google Chrome web browser

Added to portage

2018-07-22

chromium - 69.0.3493.3
Ebuild name:

www-client/chromium-69.0.3493.3

Description

Open-source version of Google Chrome web browser

Added to portage

2018-07-22

django-openstack-auth - 3.2.0-r1
Ebuild name:

dev-python/django-openstack-auth-3.2.0-r1

Description

Django authentication backend for use with OpenStack Keys

Added to portage

2018-07-22

django-tastypie - 0.13.3-r1
Ebuild name:

dev-python/django-tastypie-0.13.3-r1

Description

A flexible and capable API layer for django utilising serialis

Added to portage

2018-07-22

enlightenment-extra - 0.0.1
Ebuild name:

x11-misc/enlightenment-extra-0.0.1

Description

An app for downloading themes and add-ons to Enlightenment WM

Added to portage

2018-07-22

gn - 0.1445
Ebuild name:

dev-util/gn-0.1445

Description

GN is a meta-build system that generates build files for Ninja

Added to portage

2018-07-22

icinga2 - 2.9.0-r1
Ebuild name:

net-analyzer/icinga2-2.9.0-r1

Description

Distributed, general purpose, network monitoring engine

Added to portage

2018-07-22

lsscsi - 0.30
Ebuild name:

sys-fs/lsscsi-0.30

Description

SCSI sysfs query tool

Added to portage

2018-07-22

m2vrequantizer - 0.0.2_pre20060306-r1
Ebuild name:

media-video/m2vrequantizer-0.0.2_pre20060306-r1

Description

Tool to requantize mpeg2 videos

Added to portage

2018-07-22

pydecomp - 0.3
Ebuild name:

dev-python/pydecomp-0.3

Description

A python library of common (de)compression and contents handling

Added to portage

2018-07-22

seaborn - 0.8.1
Ebuild name:

dev-python/seaborn-0.8.1

Description

Statistical data visualization

Added to portage

2018-07-22

sshrc - 0.6.2
Ebuild name:

net-misc/sshrc-0.6.2

Description

Bring your .bashrc, .vimrc, etc. from your local machine when you ssh

Added to portage

2018-07-22

yamagi-quake2 - 7.21
Ebuild name:

games-fps/yamagi-quake2-7.21

Description

Quake 2 engine focused on single player

Added to portage

2018-07-22

2018-07-21
biblatex - 3.4-r2
Ebuild name:

dev-tex/biblatex-3.4-r2

Description

Reimplementation of the bibliographic facilities provided by LaTeX

Added to portage

2018-07-21

capybara - 3.4.1
Ebuild name:

dev-ruby/capybara-3.4.1

Description

Capybara aims to simplify the process of integration testing Rack applicati

Added to portage

2018-07-21

chromium - 67.0.3396.99
Ebuild name:

www-client/chromium-67.0.3396.99

Description

Open-source version of Google Chrome web browser

Added to portage

2018-07-21

cryptsetup - 1.7.5-r1
Ebuild name:

sys-fs/cryptsetup-1.7.5-r1

Description

Tool to setup encrypted devices with dm-crypt

Added to portage

2018-07-21

cryptsetup - 2.0.3-r1
Ebuild name:

sys-fs/cryptsetup-2.0.3-r1

Description

Tool to setup encrypted devices with dm-crypt

Added to portage

2018-07-21

django - 1.8.19
Ebuild name:

dev-python/django-1.8.19

Description

High-level Python web framework

Added to portage

2018-07-21

dolphin - 18.04.3-r1
Ebuild name:

kde-apps/dolphin-18.04.3-r1

Description

Plasma filemanager focusing on usability

Added to portage

2018-07-21

freeciv - 2.6.0_rc2
Ebuild name:

games-strategy/freeciv-2.6.0_rc2

Description

multiplayer strategy game (Civilization Clone)

Added to portage

2018-07-21

glep63-check - 2
Ebuild name:

app-crypt/glep63-check-2

Description

GLEP 63 compliance checker for OpenPGP keys

Added to portage

2018-07-21

kio - 5.48.0-r1
Ebuild name:

kde-frameworks/kio-5.48.0-r1

Description

Framework providing transparent file and data management

Added to portage

2018-07-21

lldpd - 1.0.1-r1
Ebuild name:

net-misc/lldpd-1.0.1-r1

Description

Implementation of IEEE 802.1ab (LLDP)

Added to portage

2018-07-21

love - 0.10.2
Ebuild name:

games-engines/love-0.10.2

Description

A framework for 2D games in Lua

Added to portage

2018-07-21

love - 0.8.0-r2
Ebuild name:

games-engines/love-0.8.0-r2

Description

A framework for 2D games in Lua

Added to portage

2018-07-21

love - 11.1
Ebuild name:

games-engines/love-11.1

Description

A framework for 2D games in Lua

Added to portage

2018-07-21

love - 9999
Ebuild name:

games-engines/love-9999

Description

A framework for 2D games in Lua

Added to portage

2018-07-21

meson - 0.47.1
Ebuild name:

dev-util/meson-0.47.1

Description

Open source build system

Added to portage

2018-07-21

minidb - 2.0.2-r1
Ebuild name:

dev-python/minidb-2.0.2-r1

Description

Simple SQLite-based object store

Added to portage

2018-07-21

mrrescue - 1.02b-r2
Ebuild name:

games-arcade/mrrescue-1.02b-r2

Description

Arcade 2d action game based around evacuating civilians from burning

Added to portage

2018-07-21

mysql - 5.5.60-r1
Ebuild name:

dev-db/mysql-5.5.60-r1

Description

An enhanced, drop-in replacement for MySQL

Added to portage

2018-07-21

mysql - 5.6.40-r1
Ebuild name:

dev-db/mysql-5.6.40-r1

Description

A fast, multi-threaded, multi-user SQL database server

Added to portage

2018-07-21

nginx - 1.14.0-r3
Ebuild name:

www-servers/nginx-1.14.0-r3

Description

Robust, small and high performance http and reverse proxy server

Added to portage

2018-07-21

nginx - 1.15.1-r1
Ebuild name:

www-servers/nginx-1.15.1-r1

Description

Robust, small and high performance http and reverse proxy server

Added to portage

2018-07-21

nmrdepaker - 1.0
Ebuild name:

sci-chemistry/nmrdepaker-1.0

Description

Program to perform NMR spectra 'De-Pake-ing' and moment calculation

Added to portage

2018-07-21

nv-codec-headers - 8.1.24.2
Ebuild name:

media-libs/nv-codec-headers-8.1.24.2

Description

FFmpeg version of headers required to interface with Nvidias c

Added to portage

2018-07-21

nvidia-drivers - 396.45
Ebuild name:

x11-drivers/nvidia-drivers-396.45

Description

NVIDIA Accelerated Graphics Driver

Added to portage

2018-07-21

opera-beta - 55.0.2994.20
Ebuild name:

www-client/opera-beta-55.0.2994.20

Description

A fast and secure web browser

Added to portage

2018-07-21

orthorobot - 0-r2
Ebuild name:

games-arcade/orthorobot-0-r2

Description

Perspective based puzzle game, where you flatten the view to move acro

Added to portage

2018-07-21

pbr - 4.1.1
Ebuild name:

dev-python/pbr-4.1.1

Description

Inject some useful and sensible default behaviors into setuptools

Added to portage

2018-07-21

percona-server - 5.6.40.84.0
Ebuild name:

dev-db/percona-server-5.6.40.84.0

Description

An enhanced, drop-in replacement for MySQL from the Percona team

Added to portage

2018-07-21

php - 5.6.37
Ebuild name:

dev-lang/php-5.6.37

Description

The PHP language runtime engine

Added to portage

2018-07-21

php - 7.0.31
Ebuild name:

dev-lang/php-7.0.31

Description

The PHP language runtime engine

Added to portage

2018-07-21

php - 7.1.20
Ebuild name:

dev-lang/php-7.1.20

Description

The PHP language runtime engine

Added to portage

2018-07-21

php - 7.2.8
Ebuild name:

dev-lang/php-7.2.8

Description

The PHP language runtime engine

Added to portage

2018-07-21

pytest-mock - 1.10.0
Ebuild name:

dev-python/pytest-mock-1.10.0

Description

Thin-wrapper around the mock package for easier use with py.test

Added to portage

2018-07-21

selenium-webdriver - 3.13.1
Ebuild name:

dev-ruby/selenium-webdriver-3.13.1

Description

This gem provides Ruby bindings for WebDriver

Added to portage

2018-07-21

skim - 0.5.1
Ebuild name:

app-misc/skim-0.5.1

Description

a command-line fuzzy finder

Added to portage

2018-07-21

texi2dvi - 0-r2
Ebuild name:

virtual/texi2dvi-0-r2

Description

Virtual for texi2dvi (and texi2pdf)

Added to portage

2018-07-21

torrentinfo - 1.8.6-r2
Ebuild name:

net-p2p/torrentinfo-1.8.6-r2

Description

A torrent file parser

Added to portage

2018-07-21

trosh - 20-r2
Ebuild name:

games-action/trosh-20-r2

Description

A game made in 20 hours for a friend. It has explosions

Added to portage

2018-07-21

unifi - 5.9.16
Ebuild name:

net-wireless/unifi-5.9.16

Description

A Management Controller for Ubiquiti Networks UniFi APs

Added to portage

2018-07-21

wine-any - 3.13
Ebuild name:

app-emulation/wine-any-3.13

Description

Free implementation of Windows(tm) on Unix, with optional external patc

Added to portage

2018-07-21

wine-d3d9 - 3.13
Ebuild name:

app-emulation/wine-d3d9-3.13

Description

Free implementation of Windows(tm) on Unix, with Gallium Nine patchset

Added to portage

2018-07-21

wine-staging - 3.13
Ebuild name:

app-emulation/wine-staging-3.13

Description

Free implementation of Windows(tm) on Unix, with Wine-Staging patch

Added to portage

2018-07-21

wine-vanilla - 3.13
Ebuild name:

app-emulation/wine-vanilla-3.13

Description

Free implementation of Windows(tm) on Unix, without external patchs

Added to portage

2018-07-21

rdf newsfeed | rss newsfeed | Atom newsfeed
- Powered by LeopardCMS - Running on Gentoo -
Copyright 2004-2018 Sascha Nitsch Unternehmensberatung UG(haftungsbeschänkt)
Valid XHTML1.1 : Valid CSS : buttonmaker
- Level Triple-A Conformance to Web Content Accessibility Guidelines 1.0 -
- Copyright and legal notices -
Time to create this page: 63.8 ms