Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!
adv ex on 5 january 2024
adv ex on 22 February 2024
adv ex on 22 February 2024
banner Expire 26 April 2024
Rescator cvv and dump shop
banner expire at 13 May

Yale lodge shop
UniCvv
banner Expire 1 April  2021

Installing and configuring OpenVpn server

RedX

TRUSTED VENDOR
Staff member
Joined
Nov 26, 2020
Messages
598
We will raise vpn on our vps, which will cost us only $ 10 per month (it is possible and less if we take another country), and the service from Inferno Solutions will help us. You can start!
We go to the given URL of Inferno Solutions
and repeat the sequence of numbers in the next picture


Select this VPS -> then



Update the cart and pay for the order
(ATTENTION: if you want to host sites here, then put the administration panel right away,
because when you install it, the disk is formatted)

After 5-10 minutes, the login data will be sent to the mail in the form of an IP address and password for SSH
We go on SSH with these data using Putty



We turn on packet forwarding, for this we write a midnight commander like a headlight in Windows in the "mc" console.
We go to / etc and through F4 open the sysctl.conf file, edit the file as in the screenshot for

Men - net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1 Exit



through F10, confirming the changes.
Then we exit mc and write the following in the console: sysctl –p
This will load the kernel variables from the updated sysctl.conf file



By default, iptables acts as a firewall, we will write the rule
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 - o eth0 -j SNAT --to-source YOUR EXTERNAL_IP



Run the rule when the system starts

mkdir / etc / iptables
/ sbin / iptables-save> / etc / iptables / rules
echo "/ sbin / iptables-restore </ etc / iptables / rules" >> /etc/rc.d/rc.local

Install VPN server Enter rpm -Uvh
in the console http://mirror.yandex.ru/epel/5 /i386/...5-4.noarch.rpm Next yum install openvpn Enter "y" and get a message that everything is installed. Immediately downgrade the VPN server version (from personal experience) yum downgrade openvpn Enter "y" and receive a message that the entire version has been downgraded. For further convenience, install WinSCP from the site http://winscp.net/download/winscp432setup.exe, enter your data and connect to the server and go to the /usr/share/openvpn/easy-rsa/2.0/ folder. Create the keys folder via F7















We go to the console and create a couple of files with the
touch commands /usr/share/openvpn/easy-rsa/2.0/keys/index.txt
echo "00"> /usr/share/openvpn/easy-rsa/2.0/keys/serial
Enter the command go to the folder
cd /usr/share/openvpn/easy-rsa/2.0/
And generate a root certificate, in turn enter
source ./vars
./clean-all
./build-ca
For all questions, press "enter"



Create a certificate and server secret key
./build-key-server server
Just like with the server root certificate, press "enter" where you are asked
to enter a password, enter it and write it down wherever you are.



Generate a Diffie-Hellman key. The Diffie-Hellman algorithm allows two sides
shared secret key used for further symmetric data encryption.

./build-dh




Finally, generate a key for TLS authentication
openvpn --genkey --secret keys / tls.key
Now create the / etc / openvpn / keys directory and copy the keys and certificates necessary for the server
mkdir / etc / openvpn / keys
cp / usr /share/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn/keys/ca.crt
cp /usr/share/openvpn/easy-rsa/2.0/keys/server.crt / etc / openvpn / keys / server.crt
cp /usr/share/openvpn/easy-rsa/2.0/keys/server.key /etc/openvpn/keys/server.key
cp /usr/share/openvpn/easy-rsa/2.0/keys/ tls.key /etc/openvpn/keys/tls.key
cp /usr/share/openvpn/easy-rsa/2.0/keys/dh1024.pem /etc/openvpn/keys/dh1024.pem
Create an openvpn.conf file in the / etc / openvpn folder with the following content

PHP Code:
Code:
port 1194 # Порт на котором сервер будет принимать соединения 
local ВАШ ВНЕШНИЙ_IP # Адрес, на котором будет висеть openvpn сервер 
proto tcp # Протокол. Можно поставить tcp или udp. Вопрос что выбрать, 
не однозначный и зависит от конкретных условий. Протокол udp работает побыстрей, но не всегда применим. 
dev tun # Устройство туннеля 
server 10.8.0.0 255.255.255.0 # Виртуальная сеть, которая будет установлена между клиентом и сервером 

# Ключи и сертификаты 
ca keys/ca.crt 
cert keys/server.crt 
key keys/server.key 
dh keys/dh1024.pem 

cipher AES-256-CBC # Алгоритм шифрования, в данном случае 256-битный AES 
user nobody # Пользователь от которого будет работать OpenVPN сервер  
group nobody # Группа 
mute 20 # Не выводить повторять сообщение после 20 повторов 
max-clients 30 # Максимальное количество клиентов 
keepalive 10 120 # Каждые 10 секунд слать пинг, по истечении таймаута 120 секунд, перезапустить туннель 
client-config-dir /etc/openvpn/ccd # Директория для индивидуальных настроек каждого клиента 
tls-server # Явное указание, что данный хост является TLS сервером 
comp-lzo # Сжатие трафика 
persist-key # Не трогать tun устройство при перезапуске openvpn сервера 
persist-tun # Не перечитывать файлы ключей при перезапуске туннеля 
push "redirect-gateway def1" # Протолкнуть клиенту новый шлюз по умолчанию 
push "dhcp-option DNS 8.8.8.8" # Назначить для клиента DNS сервер, в данном случае публичный DNS от гугла
We start the server side

service openvpn start



As you can see the server started without errors
Checking the device for the tunnel

ifconfig tun0



Everything is fine

We proceed to generating certificates for clients

cd /usr/share/openvpn/easy-rsa/2.0
./build-key client01



Create the
mkdir / root folder / ovpn

And copy the client certificates there
cp /usr/share/openvpn/easy-rsa/2.0/keys/ca.crt /root/ovpn/ca.crt
cp /usr/share/openvpn/easy-rsa/2.0/keys/ client01.crt /root/ovpn/client01.crt
cp /usr/share/openvpn/easy-rsa/2.0/keys/client01.key /root/ovpn/client01.key
cp / usr / share / openvpn / easy-rsa / 2.0 / keys / tls.key /root/ovpn/tls.key
Next, we create a config file called client01.ovpn with the following content

PHP Code:
Code:
client 
remote IP_АДРЕС СЕРВЕРА 1194 # Адрес и порт OpenVPN сервера 
proto tcp # Протокол, должен совпадать с сервером 
dev tun # Устройство 
# Сертификаты и ключи 
ca ca.crt 
dh dh1024.pem 
cert client01.crt 
key client01.key 
#tls-auth tls.key 1 
cipher AES-256-CBC #Алгоритм шифрования, должен совпадать с серверным 
verb 3 
mute 20 
keepalive 10 120 
comp-lzo 
persist-key 
persist-tun 
resolv-retry infinite 
nobind
Save it in the / root / ovpn folder
Add the VPN service to autoload
chkconfig --level 2345 openvpn on
And check if it has been added
chkconfig –list
This completes the setup
Install the VPN client from the site _http: //www.openvpn.net/index .php? option = com_content & id = 357
Next, copy the certificates to yourself




We launch the VPN client, and check on 2ip.ru

That's all, we use and enjoy

PS Actually, after spending 10-15 minutes on setting up your vpn server, you will be guaranteed,

sure that logging, minimum price and 100% uptime.
 
Top Bottom