diff options
| author | Dante Catalfamo | 2020-07-15 12:55:01 -0400 |
|---|---|---|
| committer | Dante Catalfamo | 2020-07-15 12:55:01 -0400 |
| commit | c08877099324114f8aa4c42006b55ae3021ded22 (patch) | |
| tree | fd2ca3f38bbb485385b06e4601b8f7f7bb986ac4 /content | |
| parent | d7d8bf39f7187f33cd73dbc2e9cf6f7ba664c38a (diff) | |
| download | blog-c08877099324114f8aa4c42006b55ae3021ded22.tar.gz blog-c08877099324114f8aa4c42006b55ae3021ded22.tar.bz2 blog-c08877099324114f8aa4c42006b55ae3021ded22.zip | |
gateway: more work
Diffstat (limited to 'content')
| -rw-r--r-- | content/posts/openbsd-vpn-gateway/index.org | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/content/posts/openbsd-vpn-gateway/index.org b/content/posts/openbsd-vpn-gateway/index.org index 0a1c542..f1f8305 100644 --- a/content/posts/openbsd-vpn-gateway/index.org +++ b/content/posts/openbsd-vpn-gateway/index.org @@ -32,8 +32,8 @@ * My Network In this post the machine will have a single network interface called - =vio0= with a desired static IP of =192.168.0.11=, although the - interface and IP in your case will be differ. + =vio0= with a desired static IP of =192.168.0.11= and a =/24= + subnet, although the interface and IP in your case will be differ. * Hardware @@ -73,13 +73,14 @@ the gateway for client machines. We'll set this first. Setting a static IP in OpenBSD couldn't be simpler. For each - interface on the machine, you can create a file with the name - =/etc/hostname.<if>=, where =<if>= is the name of the + interface on the machine, you can create a [[http://man.openbsd.org/man5/hostname.if.5][=hostname.if(5)=]] file + with the name =/etc/hostname.<if>=, where =<if>= is the name of the interface. Since we want to set a configure the interface =vio0=, the file we want is =/etc/hostname.vio0=. If your box was configured with DHCP, the file might contain =dhcp=. We want to give the - interface the static IP =192.168.0.11=, so we open the file and - replace its contents with the following. + interface the static IP =192.168.0.11= with a =/24= subnet. We use + [[https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing][CIDR notation]] here for convenience. We open the file and replace its + contents with the following. #+BEGIN_SRC inet 192.168.0.11/24 @@ -92,7 +93,7 @@ dosa sh /etc/netstat vio0 #+END_SRC - Now if you check =ifconfig=, you should see the interface has the + Now if we check =ifconfig=, we should see the interface has the correct IP. * Configuring OpenVPN @@ -120,3 +121,17 @@ our password, we can add the =auth-user-pass= configuration option to our =ovpn= file. This will allow us run OpenVPN as a daemon, and restart it without having to type our username and password in. + + To do this we can create a file called =/root/vpnpasswd.txt= containing + our username, followed my our password on separate lines. + + #+BEGIN_SRC + user@examples.com + password + #+END_SRC + + We then edit our VPN profile, adding the following line somewhere. + + #+BEGIN_SRC + auth-user-pass vpnpass.txt + #+END_SRC |