from small one page howto to huge articles all in one place

search text in:




Other .linuxhowtos.org sites: www.linuxhowtos.org
toolsntoys.linuxhowtos.org



Last additions:
How to make X listen on port 6000

How to make X listen on port 6000

words:

34

views:

86489

userrating:

average rating: 1.2 (52 votes) (1=very good 6=terrible)


May, 25th 2007:
April, 26th 2007:
Apr, 10th. 2007:
Druckversion . pdf icon
You are here: Tutorials per portage category->net-misc->openvpn

OpenVPN primer


There are as many advantages to VPN tunnels as there are different VPN scenarios. One easy implementation is the "OpenVPN via tun-device" solution. An example: you'd like to connect your laptop to your LAN at home so that you can use your mail client without reconfiguring it anytime you switch from home to internet and back. Let's say your mail-server is 192.168.1.10 in your LAN (192.168.1.0/24) at home, and you have got a router/firewall providing access to the Internet. You connect from work or school and want to read mail. OpenVPN can create two virtual devices for you when connecting two computers through an encrypted tunnel. Naturally you then have the possibility of forwarding traffic into the networks behind them, and thus would be "virtually connected" to your LAN behind the firewall. To enable this, either your firewall or a server behind it should run OpenVPN (if you choose a server in your LAN, you'll have to forward the destination port to the OpenVPN server).

Here's what you need to do:
Code Listing 1: Enable the tun module in your kernel: Kernel config - tun module
          [*] Networking support    
Networking options --->
[ ] Amateur Radio support --->
< > IrDA (infrared) subsystem support --->
< > Bluetooth subsystem support --->
[*] Network device support
< > Dummy net driver support
< > Bonding driver support
< > EQL (serial line load balancing) support
Universal TUN/TAP device driver support
// This option must be enabled


Make sure this module exists and can be loaded. Next, install OpenVPN and it dependencies.
Code Listing 2: Install OpenVPN
emerge openvpn

Now on both server and client, create a directory for your configuration:

Code Listing 3: Make directory
mkdir /etc/openvpn    
mkdir /etc/openvpn/myhomelan


Inside that directory, create a shared key for your VPN session and copy that key to the client's directory, /etc/openvpn/myhomelan.

Code Listing 4: Generate shared key
cd /etc/openvpn/myhomelan    
openvpn --genkey --secret myhomelan-key.txt


Now for the tricky part, the routing. It is important that the two tun devices on the client and server use IP addresses from the same subnet. The configuration files shown below list the type of device, the two end-points of the tunnel, the compression method and the UDP-port on which the tunnel is established. Finally privileges are dropped to user and group as listed:

Code Listing 5: Server-side configuration file /etc/openvpn/myhomelan/local.conf
dev tun    
ifconfig 172.16.1.1 172.16.1.20 // IP of the local
// tun device and its peer
secret /etc/openvpn/myhomelan/myhomelan-key.txt
comp-lzo
port 5000
user nobody
group nobody


The client's configuration needs the tunnel's destination address. This is often a dynamic DNS address, sometimes a fixed IP, depending on your ISP. You also need to route to your home LAN (192.168.1.0 in our example). You can call a shell script from the configuration file that accordingly sets a route.

Code Listing 6: Client-side configuration file /etc/openvpn/myhomelan/local.conf
remote    // or your VPN 
// server's external IP if you have a fixed one
dev tun
ifconfig 172.16.1.20 172.16.1.1 // IP of the local tun
// device and its peer
secret /etc/openvpn/myhomelan/myhomelan-key.txt
comp-lzo
port 5000
user nobody
group nobody
up /etc/openvpn/myhomelan/route.sh // sets up the route
//to the network behind the VPN server


The route command would need to set the client's gateway for the network 192.168.1.0 to its peer's address (172.16.1.1 in our setup).

Code Listing 7: /etc/openvpn/myhomelan/route.sh
#!/bin/bash    
route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.16.1.1


That's it. Start OpenVPN on the server and the client, and check the devices with ifconfig and the routes with route -n. Success!

From http://www.gentoo.org/news/en/gwn/20041011-newsletter.xml
rate this article:
current rating: average rating: 1.5 (69 votes) (1=very good 6=terrible)
Your rating:
Very good (1) Good (2) ok (3) average (4) bad (5) terrible (6)

back



Support us on Content Nation

New Packages

- as rdf newsfeed
- as rss newsfeed
- as Atom newsfeed
2026-07-02
aiohappyeyeballs - 2.7.1
Ebuild name:

dev-python/aiohappyeyeballs-2.7.1

Description

Happy Eyeballs for pre-resolved hosts

Added to portage

2026-07-02

argcomplete - 3.7.0
Ebuild name:

dev-python/argcomplete-3.7.0

Description

Bash tab completion for argparse

Added to portage

2026-07-02

asterisk - 20.20.1
Ebuild name:

net-misc/asterisk-20.20.1

Description

Asterisk A Modular Open Source PBX System

Added to portage

2026-07-02

aws-sam-translator - 1.111.0
Ebuild name:

dev-python/aws-sam-translator-1.111.0

Description

A library that transform SAM templates into AWS CloudFormatio

Added to portage

2026-07-02

awscli - 1.45.39
Ebuild name:

app-admin/awscli-1.45.39

Description

Universal Command Line Environment for AWS

Added to portage

2026-07-02

boto3 - 1.43.39
Ebuild name:

dev-python/boto3-1.43.39

Description

The AWS SDK for Python

Added to portage

2026-07-02

botocore - 1.43.39
Ebuild name:

dev-python/botocore-1.43.39

Description

Low-level, data-driven core of boto 3

Added to portage

2026-07-02

deno-bin - 2.9.1
Ebuild name:

dev-lang/deno-bin-2.9.1

Description

Modern runtime for JavaScript and TypeScript

Added to portage

2026-07-02

faker - 40.28.1
Ebuild name:

dev-python/faker-40.28.1

Description

A Python package that generates fake data for you

Added to portage

2026-07-02

fastapi - 0.139.0
Ebuild name:

dev-python/fastapi-0.139.0

Description

High performance framework, easy to learn, fast to code, ready for produ

Added to portage

2026-07-02

file-roller - 44.7
Ebuild name:

app-arch/file-roller-44.7

Description

Archive manager for GNOME

Added to portage

2026-07-02

firefox-bin - 152.0.4
Ebuild name:

www-client/firefox-bin-152.0.4

Description

Firefox Web Browser

Added to portage

2026-07-02

framework-tool-tui - 0.8.4
Ebuild name:

app-laptop/framework-tool-tui-0.8.4

Description

TUI for controlling and monitoring Framework Computers hardware

Added to portage

2026-07-02

gitg - 50
Ebuild name:

dev-vcs/gitg-50

Description

git repository viewer for GNOME

Added to portage

2026-07-02

gpyutils - 0.15.7
Ebuild name:

app-portage/gpyutils-0.15.7

Description

Utitilies for maintaining Python packages

Added to portage

2026-07-02

isa-l - 2.32.1
Ebuild name:

dev-libs/isa-l-2.32.1

Description

Intelligent Storage Acceleration Library

Added to portage

2026-07-02

libjxl - 0.12.0
Ebuild name:

media-libs/libjxl-0.12.0

Description

JPEG XL image format reference implementation

Added to portage

2026-07-02

libsdl3 - 3.4.12
Ebuild name:

media-libs/libsdl3-3.4.12

Description

Simple Direct Media Layer

Added to portage

2026-07-02

lv - 0.15.0-r1
Ebuild name:

app-emacs/lv-0.15.0-r1

Description

Other echo area

Added to portage

2026-07-02

narwhals - 2.23.0
Ebuild name:

dev-python/narwhals-2.23.0

Description

Extremely lightweight compatibility layer between dataframe libraries

Added to portage

2026-07-02

pdns - 5.1.3
Ebuild name:

net-dns/pdns-5.1.3

Description

The PowerDNS Daemon

Added to portage

2026-07-02

pillow - 12.3.0
Ebuild name:

dev-python/pillow-12.3.0

Description

Python Imaging Library (fork)

Added to portage

2026-07-02

pixi - 0.72.0
Ebuild name:

dev-util/pixi-0.72.0

Description

A package management and workflow tool

Added to portage

2026-07-02

pytest-rerunfailures - 16.4
Ebuild name:

dev-python/pytest-rerunfailures-16.4

Description

pytest plugin to re-run tests to eliminate flaky failures

Added to portage

2026-07-02

sphinx-argparse - 0.6.0
Ebuild name:

dev-python/sphinx-argparse-0.6.0

Description

Sphinx extension that automatically documents argparse commands an

Added to portage

2026-07-02

syrupy - 5.4.0
Ebuild name:

dev-python/syrupy-5.4.0

Description

The sweeter pytest snapshot plugin

Added to portage

2026-07-02

systemd - 261.1
Ebuild name:

sys-apps/systemd-261.1

Description

System and service manager for Linux

Added to portage

2026-07-02

thunderbird-bin - 140.12.1
Ebuild name:

mail-client/thunderbird-bin-140.12.1

Description

Thunderbird Mail Client

Added to portage

2026-07-02

thunderbird-bin - 152.0.1
Ebuild name:

mail-client/thunderbird-bin-152.0.1

Description

Thunderbird Mail Client

Added to portage

2026-07-02

treq - 26.7.0
Ebuild name:

dev-python/treq-26.7.0

Description

A requests-like API built on top of twisted.web's Agent

Added to portage

2026-07-02

wxmaxima - 26.06.2
Ebuild name:

sci-mathematics/wxmaxima-26.06.2

Description

Graphical frontend to Maxima, using the wxWidgets toolkit

Added to portage

2026-07-02

xvfbwrapper - 0.2.27
Ebuild name:

dev-python/xvfbwrapper-0.2.27

Description

Python wrapper for running a display inside X virtual framebuffer

Added to portage

2026-07-02

2026-07-01
Gtk2 - 1.249.930-r2
Ebuild name:

dev-perl/Gtk2-1.249.930-r2

Description

Perl bindings for GTK2

Added to portage

2026-07-01

X-Osd - 0.700.0-r4
Ebuild name:

dev-perl/X-Osd-0.700.0-r4

Description

Perl glue to libxosd (X OnScreen Display)

Added to portage

2026-07-01

ansible-compat - 26.6.0
Ebuild name:

dev-python/ansible-compat-26.6.0

Description

Contains functions that facilitate working with various versions o

Added to portage

2026-07-01

ast-serialize - 0.6.0
Ebuild name:

dev-python/ast-serialize-0.6.0

Description

Python bindings for mypy AST serialization

Added to portage

2026-07-01

asterisk - 21.12.3
Ebuild name:

net-misc/asterisk-21.12.3

Description

Asterisk A Modular Open Source PBX System

Added to portage

2026-07-01

asterisk - 22.10.1
Ebuild name:

net-misc/asterisk-22.10.1

Description

Asterisk A Modular Open Source PBX System

Added to portage

2026-07-01

asterisk - 23.4.1
Ebuild name:

net-misc/asterisk-23.4.1

Description

Asterisk A Modular Open Source PBX System

Added to portage

2026-07-01

awscli - 1.45.38
Ebuild name:

app-admin/awscli-1.45.38

Description

Universal Command Line Environment for AWS

Added to portage

2026-07-01

beniget - 0.5.0-r1
Ebuild name:

dev-python/beniget-0.5.0-r1

Description

Extract semantic information about static Python code

Added to portage

2026-07-01

boto3 - 1.43.38
Ebuild name:

dev-python/boto3-1.43.38

Description

The AWS SDK for Python

Added to portage

2026-07-01

botocore - 1.43.38
Ebuild name:

dev-python/botocore-1.43.38

Description

Low-level, data-driven core of boto 3

Added to portage

2026-07-01

cloudflare-warp - 2026.6.822.0
Ebuild name:

net-vpn/cloudflare-warp-2026.6.822.0

Description

Cloudflare Warp Client

Added to portage

2026-07-01

cython - 3.2.8
Ebuild name:

dev-python/cython-3.2.8

Description

A Python to C compiler

Added to portage

2026-07-01

diffoscope - 323
Ebuild name:

dev-util/diffoscope-323

Description

Will try to get to the bottom of what makes files or directories different

Added to portage

2026-07-01

discord - 1.0.145
Ebuild name:

net-im/discord-1.0.145

Description

All-in-one voice and text chat for gamers

Added to portage

2026-07-01

dulwich - 1.2.7
Ebuild name:

dev-python/dulwich-1.2.7

Description

Pure-Python implementation of the Git file formats and protocols

Added to portage

2026-07-01

faker - 40.27.0
Ebuild name:

dev-python/faker-40.27.0

Description

A Python package that generates fake data for you

Added to portage

2026-07-01

gallery-dl - 1.32.5
Ebuild name:

net-misc/gallery-dl-1.32.5

Description

Download image galleries and collections from several image hosting site

Added to portage

2026-07-01

giflib - 6.1.3
Ebuild name:

media-libs/giflib-6.1.3

Description

Library to handle, display and manipulate GIF images

Added to portage

2026-07-01

humanize - 4.16.0
Ebuild name:

dev-python/humanize-4.16.0

Description

Common humanization utilities

Added to portage

2026-07-01

joplin-desktop - 3.7.6
Ebuild name:

app-office/joplin-desktop-3.7.6

Description

Secure note taking and to-do app with synchronization capabilities

Added to portage

2026-07-01

knock - 0.8.2
Ebuild name:

net-misc/knock-0.8.2

Description

Simple port-knocking daemon

Added to portage

2026-07-01

kquickimageeditor - 0.6.2.1
Ebuild name:

media-libs/kquickimageeditor-0.6.2.1

Description

QtQuick components providing basic image editing capabilities

Added to portage

2026-07-01

librt - 0.12.0
Ebuild name:

dev-python/librt-0.12.0

Description

Mypyc runtime library

Added to portage

2026-07-01

lyskom-elisp-client - 0.48_p20200226
Ebuild name:

app-emacs/lyskom-elisp-client-0.48_p20200226

Description

Elisp client for the LysKOM conference system

Added to portage

2026-07-01

m-buffer - 0.16.1
Ebuild name:

app-emacs/m-buffer-0.16.1

Description

List Oriented Buffer Operations for Emacs

Added to portage

2026-07-01

nasm - 3.02
Ebuild name:

dev-lang/nasm-3.02

Description

groovy little assembler

Added to portage

2026-07-01

nginx - 1.29.5-r1
Ebuild name:

www-servers/nginx-1.29.5-r1

Description

Added to portage

2026-07-01

nginx - 1.29.7-r2
Ebuild name:

www-servers/nginx-1.29.7-r2

Description

Added to portage

2026-07-01

nginx - 1.30.0-r1
Ebuild name:

www-servers/nginx-1.30.0-r1

Description

Added to portage

2026-07-01

nginx - 1.30.2-r1
Ebuild name:

www-servers/nginx-1.30.2-r1

Description

Added to portage

2026-07-01

nginx - 1.30.3-r1
Ebuild name:

www-servers/nginx-1.30.3-r1

Description

Added to portage

2026-07-01

nginx - 1.31.1-r1
Ebuild name:

www-servers/nginx-1.31.1-r1

Description

Added to portage

2026-07-01

nginx - 1.31.2-r1
Ebuild name:

www-servers/nginx-1.31.2-r1

Description

Added to portage

2026-07-01

octave-kernel - 1.1.0
Ebuild name:

dev-python/octave-kernel-1.1.0

Description

Jupyter kernel for octave

Added to portage

2026-07-01

pixi - 0.71.3
Ebuild name:

dev-util/pixi-0.71.3

Description

A package management and workflow tool

Added to portage

2026-07-01

qmplay2 - 26.06.27
Ebuild name:

media-video/qmplay2-26.06.27

Description

A Qt-based video player, which can play most formats and codecs

Added to portage

2026-07-01

rpds-py - 2026.6.3
Ebuild name:

dev-python/rpds-py-2026.6.3

Description

Python bindings to Rust's persistent data structures (rpds)

Added to portage

2026-07-01

rssguard - 5.2.1
Ebuild name:

net-news/rssguard-5.2.1

Description

Simple (yet powerful) news feed reader

Added to portage

2026-07-01

samba - 4.24.4
Ebuild name:

net-fs/samba-4.24.4

Description

Samba Suite Version 4

Added to portage

2026-07-01

starship - 1.26.0
Ebuild name:

app-shells/starship-1.26.0

Description

The minimal, blazing-fast, and infinitely customizable prompt for any sh

Added to portage

2026-07-01

svxlink - 26.05
Ebuild name:

media-radio/svxlink-26.05

Description

Multi Purpose Voice Services System, including Qtel for EchoLink

Added to portage

2026-07-01

uv - 0.11.26
Ebuild name:

dev-python/uv-0.11.26

Description

A Python package installer and resolver, written in Rust

Added to portage

2026-07-01

uv-build - 0.11.26
Ebuild name:

dev-python/uv-build-0.11.26

Description

PEP517 uv build backend

Added to portage

2026-07-01

xmlschema - 4.3.2
Ebuild name:

dev-python/xmlschema-4.3.2

Description

An XML Schema validator and decoder

Added to portage

2026-07-01

xvfbwrapper - 0.2.25
Ebuild name:

dev-python/xvfbwrapper-0.2.25

Description

Python wrapper for running a display inside X virtual framebuffer

Added to portage

2026-07-01

yices2 - 2.7.0
Ebuild name:

sci-mathematics/yices2-2.7.0

Description

SMT Solver supporting SMT-LIB and Yices specification language

Added to portage

2026-07-01

rdf newsfeed | rss newsfeed | Atom newsfeed
Copyright 2004-2025 Sascha Nitsch Unternehmensberatung GmbH
- Copyright and legal notices -
Time to create this page: 60.8 ms