OPENVPN SITE TO SITE PSK: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „=Layout= -192.168.33.1/24 -|garlic|-10.82.1.211---------------------10.82.1.195-|hubsi|-192.168.55.1/24 =Interfaces= ==garlic== <pre> auto ens18 iface ens18 in…“) |
(→Layout) |
||
| (3 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
=Layout= | =Layout= | ||
-192.168.33.1/24 -|garlic|-10.82.1.211---------------------10.82.1.195-|hubsi|-192.168.55.1/24 | -192.168.33.1/24 -|garlic|-10.82.1.211---------------------10.82.1.195-|hubsi|-192.168.55.1/24 | ||
| + | |||
| + | {{#drawio:openvpn-05}} | ||
| + | |||
=Interfaces= | =Interfaces= | ||
| + | |||
| + | [[Dummy, pseudo Interface]] | ||
| + | |||
==garlic== | ==garlic== | ||
<pre> | <pre> | ||
| Zeile 30: | Zeile 36: | ||
pre-up ip link add dummy0 type dummy | pre-up ip link add dummy0 type dummy | ||
</pre> | </pre> | ||
| + | |||
=Ipfordward on= | =Ipfordward on= | ||
*cat /etc/sysctl.conf | *cat /etc/sysctl.conf | ||
| Zeile 39: | Zeile 46: | ||
==Generatre PSK on garlic== | ==Generatre PSK on garlic== | ||
*cd /etc/openvpn/ | *cd /etc/openvpn/ | ||
| − | *openvpn --genkey | + | *openvpn --genkey secret static.key |
| + | |||
==Copy to hubsi== | ==Copy to hubsi== | ||
*scp static.key hubsi:$PWD | *scp static.key hubsi:$PWD | ||
| Zeile 63: | Zeile 71: | ||
keepalive 10 120 | keepalive 10 120 | ||
</pre> | </pre> | ||
| + | =Start and Autostart on all sites= | ||
| + | *echo 'AUTOSTART="all"' >> /etc/default/openvpn | ||
| + | *systemctl daemon-reload | ||
| + | *systemctl start openvpn | ||
| + | *systemctl enable openvpn | ||
Aktuelle Version vom 11. Juli 2023, 14:48 Uhr
Layout
-192.168.33.1/24 -|garlic|-10.82.1.211---------------------10.82.1.195-|hubsi|-192.168.55.1/24
![Bearbeiten](javascript:editDrawio("618522100", "openvpn-05.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
Interfaces
garlic
auto ens18 iface ens18 inet static address 10.82.1.211 netmask 255.255.0.0 gateway 10.82.0.1 auto dummy0 iface dummy0 inet static address 192.168.33.1 netmask 255.255.255.0 pre-up ip link add dummy0 type dummy
hubsi
auto ens18 iface ens18 inet static address 10.82.1.195 netmask 255.255.0.0 gateway 10.82.0.1 auto dummy0 iface dummy0 inet static address 192.168.55.1 netmask 255.255.255.0 pre-up ip link add dummy0 type dummy
Ipfordward on
- cat /etc/sysctl.conf
net.ipv4.ip_forward=1
- sysctl -p
Openvpn
Install
- sudo apt-get install openvpn
Generatre PSK on garlic
- cd /etc/openvpn/
- openvpn --genkey secret static.key
Copy to hubsi
- scp static.key hubsi:$PWD
Openvpn config on garlic
- vi /etc/openvpn/server.conf
remote 10.82.1.195 dev tun ifconfig 172.30.30.1 172.30.30.2 secret static.key route 192.168.55.0 255.255.255.0 keepalive 10 120
Openvpn config on hubsi
- vi /etc/openvpn/client.conf
remote 10.82.1.211 dev tun ifconfig 172.30.30.2 172.30.30.1 secret static.key route 192.168.33.0 255.255.255.0 keepalive 10 120
Start and Autostart on all sites
- echo 'AUTOSTART="all"' >> /etc/default/openvpn
- systemctl daemon-reload
- systemctl start openvpn
- systemctl enable openvpn