openvpn

warning: Creating default object from empty value in /data/web/1/000/027/003/273448/htdocs/panticz.de/modules/taxonomy/taxonomy.pages.inc on line 33.

OpenVPN connect to network with same ip range

#!/bin/bash
 
# delete routing for whole network
sudo route del -net 192.168.1.0 netmask 255.255.255.0 dev tap0
 
# add route to hosts
for ip in {30..50}; do
	sudo route add 192.168.1.${ip} dev tap0
done

OpenVPN

Install
http://www.panticz.de/install_OpenVPN

Restore prevoius NetworkManager OpenVPN configurations
wget https://raw.githubusercontent.com/panticz/scripts/master/restoreOpenvpnConfig.sh -O - | bash -

#!/bin/bash

if [ $(grep sda1 /etc/mtab | wc -l) -eq 1 ]; then
  DEV=sda2
else
  DEV=sda1
fi

sudo mount /dev/${DEV} /mnt
for i in $(find /mnt/etc/NetworkManager/system-connections -name "*.openvpn"); do
  sudo cp $i /etc/NetworkManager/system-connections/
done
sudo umount /mnt

# set file permission and owner
echo sudo chown root:root /etc/NetworkManager/system-connections/*.openvpn
echo sudo chmod 600 /etc/NetworkManager/system-connections/*.openvpn

config file
tls-client
client
dev tun
proto udp
tun-mtu 1400
remote YOUR_HOST.dyndns.org 1194
ca ca.pem
cert user.pem
key keys.pem
cipher BF-CBC
comp-lzo
verb 3
ns-cert-type server
tls-remote YOUR_HOST.dyndns.org
float

Connect to Client in same IP range
route add 192.168.1.31 dev tap0

extract p12 file
Zertifikat des Benutzers:
openssl pkcs12 -in *.p12 -clcerts -nokeys -nodes -out user.pem

Zertifikat der Zertifizierungsstelle:
openssl pkcs12 -in *.p12 -cacerts -nodes -out ca.pem

Privater Schl├╝ssel:
openssl pkcs12 -in *.p12 -nocerts -nodes -out keys.pem

# remove passphrase from a pkcs12 certificate
openssl pkcs12 -in protected.p12 -nodes -out /tmp/temp.pem
openssl pkcs12 -export -in /tmp/temp.pem -out unprotected.p12

OpenVPN Gui (Client for Windows)
http://man.chinaunix.net/linux/efw-admin-guide-html-chunk/efw.vpn.openvpn.html

C:\Programme\OpenVPN\config\YOUR_VPN.ovpn (old)
client
proto udp
remote YOUR_SERVER.dyndns.org
resolv-retry infinite
nobind
persist-key
persist-tun
ca YOUR_CERT.cer
auth-user-pass
comp-lzo
dev tap

Configure Gnome Network Applet for Endian
VPN-Connections > VPN-Configure
Add
Create
Connection Name: YOUR_VPN_NAME
Gateway: YOUR_VPN_SERVER_IP
Type: Password
Username: YOUR_VPN_USER_NAME
Password: YOUR_VPN_PASS
CA Certificate: YOUR_ENDIAN .pem file

Advanced:
Use LZO Data Compression: checked
Use a TAP Device: check
OK

IPv4 settings > Routing:
Add
Address: YOUR_VPN_NETWORK (192.168.1.0)
Netmask: 255.255.255.0

backup your OpenVPN connections
tar cjf ~/backup/system-connections.$(date -I).tar.bz2 /etc/NetworkManager/system-connections/

Android
https://play.google.com/store/apps/details?id=de.blinkt.openvpn&hl=de
http://www.rz.uni-kiel.de/pc/openvpn/AndroidVPN

Links
http://askubuntu.com/questions/29086/where-are-vpn-configuration-files-imported-by-network-manager-saved
http://www.ipcop-forum.de/forum/viewtopic.php?p=167998
http://www.ngs.ac.uk/useful-openssl-commands
http://www.sven-kuegler.de/tag/openvpn
http://www.ngs.ac.uk/useful-openssl-commands
http://man.chinaunix.net/linux/efw-admin-guide-html-chunk/efw.vpn.openvpn.html

installOpenVPN.sh

sudo apt-get install -y openvpn network-manager-openvpn
Syndicate content