The VPN server runs OpenVPN to create a private network between client servers and cloud servers. This connection is necessary to access glacier, mariadb, and mssql servers.
Assuming your user is already created, save your client config to a file called mm.ovpn. Download the OpenVPN client here:
Import the file you just created and connect.
SSH to the vpn server and run:
openvpn-admin
Follow the menu to add or delete users. Note: every user should have a passphrase for added security, in case keys are compromised.
After the setup, the installer will give you the location of the client config file.
Tip: generate a secure password with:
pwgen 12
wget -O /usr/local/bin/openvpn-admin https://raw.githubusercontent.com/Angristan/openvpn-install/master/openvpn-install.sh
chmod 755 /usr/local/bin/openvpn-admin
openvpn-admin
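Follow the prompts on screen to complete the install. Because the script is fetched from the master branch, its contents can change between downloads; review the downloaded file before running it.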
You also need to route the internal network. In /etc/openvpn/server.conf, set the following settings:
push "route 10.124.0.0 255.255.240.0"
server 10.224.0.0 255.255.255.0
The “push” directive should reflect the network of the LAN (the one assigned by the host); the “server” directive should reflect the network of the VPN.
You also need to create an iptables rule so the VPN network can access the Internet:
iptables -t nat -A POSTROUTING -s 10.224.0.0/24 -o eth0 -j MASQUERADE
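iptables-save
Note that iptables-save on its own only prints the current rules; redirect its output to the file your distribution restores at boot so the rule persists across reboots.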
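The routing settings above have to agree with each other: the MASQUERADE source must be the "server" network, and the pushed route must be a different network (the LAN). The following is an added example, not part of the original page or of the openvpn-install project, that parses server.conf text and checks this; the function names, the sample file and the overlap check are assumptions made for illustration.

```python
import ipaddress
import shlex

# Constructed sample server.conf holding the two directives from the page.
SAMPLE_CONF = """\
dev tun
server 10.224.0.0 255.255.255.0
push "route 10.124.0.0 255.255.240.0"
"""

def parse_networks(conf_text):
    """Return (vpn_network, [pushed_route_networks]) from server.conf text."""
    vpn, routes = None, []
    for line in conf_text.splitlines():
        tokens = shlex.split(line, comments=True)  # drops '#' comments
        if not tokens or tokens[0].startswith(";"):
            continue
        if tokens[0] == "server" and len(tokens) >= 3:
            # Strict parsing raises ValueError if host bits are set.
            vpn = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}")
        elif tokens[0] == "push" and len(tokens) == 2:
            arg = tokens[1].split()
            if arg[:1] == ["route"] and len(arg) >= 3:
                routes.append(ipaddress.ip_network(f"{arg[1]}/{arg[2]}"))
    return vpn, routes

def masquerade_rule(conf_text, wan_if="eth0"):
    """Build the NAT rule whose source is the configured VPN network."""
    vpn, _ = parse_networks(conf_text)
    return f"iptables -t nat -A POSTROUTING -s {vpn} -o {wan_if} -j MASQUERADE"

def check(conf_text, nat_source):
    """Return a list of problems; an empty list means the settings agree."""
    vpn, routes = parse_networks(conf_text)
    if vpn is None:
        return ["no 'server' directive found"]
    problems = []
    if not routes:
        problems.append("no pushed route found")
    for route in routes:
        if route.overlaps(vpn):  # usually means LAN and VPN nets were swapped
            problems.append(f"pushed route {route} overlaps VPN network {vpn}")
    if ipaddress.ip_network(nat_source) != vpn:
        problems.append(f"NAT source {nat_source} is not VPN network {vpn}")
    return problems

if __name__ == "__main__":
    print(check(SAMPLE_CONF, "10.224.0.0/24") or "consistent")
    print(masquerade_rule(SAMPLE_CONF))
```

To check a live server, pass the contents of /etc/openvpn/server.conf and the -s value from the POSTROUTING rule instead of the sample.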