N6XRE DokuWiki

This is an old revision of the document!


Sitemap - 8080 - 73



PDF Documents and Plugin
Embed videos & playlists Instructions
Raspberry Pi - ZFS - CW - Manet
Programming And Computing

My TwitterMy Twitter Search GoogleGoogle Search
VPN - SQUID - Tor - I2P

1. Webmin Documentation

2. Firewalls

3. How to use Raspberry Pi as a wireless router with firewall?

4. USB 3.0 Hub Ethernet with USB C Adapter, 3 Port USB 3.0

Splitter Gigabit Ethernet Hub + USB C HUB Network RJ45 1000Mbps USB Extender - Price:$16.99
Top
https://www.amazon.com/gp/product/B07G8VZ51Z/
USB 3.0_Hub_Ethernet_with_USB-Amazon.pdf


NETGEAR 8-Port Gigabit Ethernet Unmanaged Switch, Desktop, Internet Splitter, Fanless, Plug-and-Play (GS208) - Amazon Price:$16.99

5. Linux Advanced Routing & Traffic Control HOWTO

6. Iptables-tutorial

7. Fast and Easy Free VPN from Google - The Open Source OUTLINE - Hak5 2403

Top
Also see other Youtubes HERE - Fast, Free, and Easy VPN Build in Minutes - Hak5 2022
Setting up an OpenVPN Server on Debian, Ubuntu and CentOS
Setting up an OpenVPN Server on Raspberry P
https://youtu.be/04EmeXSZo_0

Install and setup OpenVPN

apt-get update; apt-get install openvpn easy-rsa

gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz  /etc/openvpn/server.conf

nano /etc/openvpn/server.conf 

replace dh1024.pem with dh2048.pem
#uncomment push "redirect-gateway def1 bypass-dhcp"
#uncomment push "dhcp-option DNS" and replace IP addresses with your fav DNS
#uncomment user nobody
#uncomment group nogroup
#save and exit

Setup Firewall

#Enable IP forwarding
echo 1  /proc/sys/net/ipv4/ip_forward

nano /etc/sysctl.conf
#uncomment net.ipv4.ip_forward=1
#save and exit

#Configure firewall.

ufw status
ufw allow ssh
ufw allow 1194/udp

#Let packets forward through the VPS by changing for forward policy to accept

nano /etc/default/ufw
#replace DROP with ACCEPT in DEFAULT_FORWARD_POLICY="DROP"
#save and exit

#Enable NAT and IP masquerading for clients
nano /etc/ufw/before.rules
#Add the following near the top
*nat
:POSTROUTING ACCEPT [0:0] 
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT

ufw status

Setup Keys and Start the Server

cp -r /usr/share/easy-rsa/ /etc/openvpn
mkdir /etc/openvpn/easy-rsa/keys

nano /etc/openvpn/easy-rsa/vars
#change export KEY_* values
#set KEY_NAME to "server"
#save and exit

#Generate the 2048 bit Diffie-Hellman pem file we pointed to in the openvpn config
openssl dhparam -out /etc/openvpn/dh2048.pem 2048

#move to the easy-rsa directory

cd /etc/openvpn/easy-rsa

#Set the variables we configured
. ./vars
./clean-all
./build-ca #Accept all defaults 
./build-key-server server #Accept all defaults 

#Move the newly generated certificates to /etc/openvpn
cp /etc/openvpn/easy-rsa/keys/server.crt,server.key,ca.crt /etc/openvpn

#In /etc/openvpn we should have a server.conf, server.crt, server.key, ca.crt and dh2048.pem

#start the OpenVPN service
service openvpn start
service openvpn status

Setup keys for the first client

./build-key client
ls keys

#Make a new directory to merge the client configuration and keys
mkdir ~/client

#Copy the example client configuration renaming the file extension from conf to ovpn
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/client/pineapple.ovpn

cd /etc/openvpn/easy-rsa/keys
cp client.crt client.key client.ovpn ~/client
cp /etc/openvpn/ca.crt ~/client

Securely copy client.crt, client.key, ca.crt and client.ovpn to your client device

cd ~/client

#determine public IP address
ifconfig

nano pineapple.ovpn
# find remote and replace my-server-1 with IP address of VPN server
# uncomment group nogroup
# uncomment user nobody
# comment out the ca, cert and key directives
# save and exit

echo "ca" to pineapple.ovpn
cat ca.crt to pineapple.ovpn
echo "/ca" to pineapple.ovpn

echo "cert" to pineapple.ovpn
cat client.crt to pineapple.ovpn
echo "/cert" to pineapple.ovpn

echo "key" to pineapple.ovpn
cat client.key to pineapple.ovpn
echo "/key" to pineapple.ovpn

Top
http://n6xre.duckdns.org:8000/wikipedia_en_all_novid_2017-08/A/OpenVPN.html

Top
https://www.ecosia.org/search?q=OpenVPN+Documentation

8. Quick and Dirty VPN Server with pptpd

9. Squid Proxy Documentation

10. Privoxy Documentation

11. Tor on Raspbian

12. I2P on Raspbian

13. Proxy Checker Genius

QR Code
QR Code firewalls (generated for current page)