-rw-r--r-- content/posts/openbsd-vpn-gateway/index.org 35
1 files changed, 18 insertions, 17 deletions
diff --git a/content/posts/openbsd-vpn-gateway/index.org b/content/posts/openbsd-vpn-gateway/index.org
index 7cd5ea8..bb0a166 100644
--- a/content/posts/openbsd-vpn-gateway/index.org
+++ b/content/posts/openbsd-vpn-gateway/index.org
@@ -10,12 +10,12 @@
* The Problem
Say you have an account with a VPN provider. Maybe there are a limit
- to how many connections you can have with one account, and you want to
- put more machines than you have connections on the account. Or maybe
- you want to put a large number of machines of the connection,
- including maybe FreeBSD Jails, LXC containers, or VMs, and you don't
- want to download the VPN profiles, sign in and configure them all
- individually.
+ to how many connections you can have with one account. Maybe you
+ want to put more machines than you have connections on the
+ account. Or maybe you want to put a large number of machines of the
+ connection, maybe some FreeBSD Jails, LXC containers, or VMs, and
+ you don't want to download the VPN profiles, sign in and configure
+ them all individually.
* The Solution
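Review bot: the unchanged context line "Maybe there are a limit" still has a subject-verb mismatch, and the rewritten text keeps "a large number of machines of the connection"; since this hunk already rewords the paragraph, change these to "Maybe there is a limit" and "machines on the connection". The new wording also starts three sentences in a row with "Maybe" and adds a fourth in "maybe some FreeBSD Jails"; dropping one or two would read better.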
@@ -32,23 +32,22 @@
* Our Network
In this post the machine will have a single network interface called
- =vio0= with a desired static IP of =192.168.0.11= and a =/24=
- subnet, although the interface and IP in your case will be differ.
+ =vio0=. We'll set it up with a static IP of =192.168.0.11= and a
+ =/24= subnet. The interface and IP in your case will differ.
* Hardware
- To replicate my setup you'll need a dedicated machine running
+ To follow this setup you'll need a dedicated machine running
OpenBSD. You'll have to choose an appropriate host, taking into
consideration how much traffic you plan to put through it, the speed
of you VPN connection, and the speed of your home internet
connection. Anything from a virtual machine or a low power single
- board PC will do in most cases, as home internet connections
- generally aren't the fastest. If your internet connection is fast
+ board PC will do in most cases. If your internet connection is fast
enough though, you may consider [[https://blog.lambda.cx/posts/installing-openbsd-on-pcengines/][installing OpenBSD]] on a [[https://blog.lambda.cx/posts/pcengines-comparison/][PC Engines
- APU2]], as they're affordable, have gigabit Ethernet, and great
- OpenBSD driver support. In my case I created a virtual machine on a
- server in my house running [[https://www.proxmox.com/en/][Proxmox]]. In my case, the machine only has
- 1 vCPU and 512 MB RAM, which is more than enough for my needs.
+ APU2]]. They're affordable, have gigabit Ethernet, and great OpenBSD
+ driver support. In my case I created a virtual machine on a server
+ running [[https://www.proxmox.com/en/][Proxmox]]. The machine only has 1 vCPU and 512 MB RAM, which
+ is more than enough for my needs.
* Documentation
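Review bot: the context line "of you VPN connection, and the speed of your home internet" in the Hardware paragraph still says "you" where "your" is meant, and "Anything from a virtual machine or a low power single board PC" wants "to" rather than "or"; both are in the paragraph this hunk is editing, so fix them here. In the added line, "They're affordable, have gigabit Ethernet, and great OpenBSD driver support" is not parallel; "and have great OpenBSD driver support" fixes it.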
@@ -57,9 +56,9 @@
[[https://man.openbsd.org/man8/pfctl.8][ =pfctl(8)=]] if you plan on setting something like this up. They're all
very well written and explain a lot of what I'm doing in very clear
detail. You should also read the excellent [[https://www.openbsd.org/faq/pf/][PF FAQ]] from the OpenBSD
- website, which covers many more PF configuration examples.
+ website.
-* Install OpenBSD
+* Installing OpenBSD
I won't be covering installing OpenBSD here, although it's extremely
simple and straight forward. You can pick up the disk =.iso= image
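Review bot: removing "which covers many more PF configuration examples" leaves the sentence ending at "from the OpenBSD website." with no reason given for reading the PF FAQ on top of the man pages; consider keeping a short clause that says what it adds. If heading anchors on the site are derived from the heading text (an assumption, not visible here), check that nothing links to the old "Install OpenBSD" heading. The context line "simple and straight forward" should read "straightforward".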
@@ -380,3 +379,5 @@
#+BEGIN_SRC shell
dosa pfctl -f /etc/pf.conf
#+END_SRC
+
+* Wrapping Up
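Review bot: the command in the context block just above the new heading reads "dosa pfctl -f /etc/pf.conf", which looks like a typo for "doas" and would fail for a reader copying it; worth fixing in this commit. The added "* Wrapping Up" heading has no body in this hunk, so either include the closing text or hold the heading until it is written.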