From 17bfdc179295741982c21aa2d14353c88fbca5af Mon Sep 17 00:00:00 2001 From: Dante Catalfamo Date: Fri, 28 Aug 2020 16:57:23 -0400 Subject: vpn-gateway: small corrections --- content/posts/openbsd-vpn-gateway/index.org | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/content/posts/openbsd-vpn-gateway/index.org b/content/posts/openbsd-vpn-gateway/index.org index ec5df24..41cd60c 100644 --- a/content/posts/openbsd-vpn-gateway/index.org +++ b/content/posts/openbsd-vpn-gateway/index.org @@ -27,12 +27,12 @@ will still be able to talk to each other normally, regardless of which gateway they use. - It's also setup such that if the VPN connection ever drops or gets - killed for any reason, the traffic will stop and won't be able to - reach the internet. Thanks to this I don't have to worry about the - traffic ever leaking out through my residential gateway should - OpenVPN decide to close the connection. Sort of like a "kill - switch", as some companies market it. + It's setup such that if the VPN connection ever drops or gets killed + for any reason, the traffic will stop and won't be able to reach the + internet. Thanks to this I don't have to worry about the traffic + ever leaking out through my residential gateway should OpenVPN + decide to close the connection. Sort of like a "kill switch", as + some companies market it. * Our Network @@ -89,8 +89,8 @@ single line saying =dhcp=. We want to give the interface the static IP =192.168.0.11= with a =/24= subnet. We use [[https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing][CIDR notation]] here for convenience, but it's also possible to write out the full subnet - mask after our IP, separated by a space. We open the file and - replace its contents with the following. + mask after our IP, separated by a space. We open + =/etc/hostname.vio0= and replace its contents with the following. #+BEGIN_SRC inet 192.168.0.11/24 
@@ -116,7 +116,7 @@ file we've just edited. #+BEGIN_SRC shell - doas sh /etc/netstat vio0 + doas sh /etc/netstat #+END_SRC Now if we check [[http://man.openbsd.org/man8/ifconfig.8][=ifconfig(8)=]], we should see the interface has the @@ -156,7 +156,7 @@ =password=. To allow OpenVPN to login without us having to enter our password, - we can add the =auth-user-pass= directive to our =profile.ovpn= + we can modify the =auth-user-pass= directive to our =profile.ovpn= file. This will allow us run OpenVPN as a daemon. To do this we'll create a file called =/root/vpnpasswd.txt= @@ -168,7 +168,8 @@ password #+END_SRC - We then edit our VPN profile, adding the following line somewhere. + We then edit our VPN profile, adding the name of our password file + after =auth-user-pass=. #+BEGIN_SRC auth-user-pass vpnpass.txt -- cgit v1.2.3
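Review bot: In the first hunk (@@ -27,12 +27,12 @@), the reworded sentence opens with "It's setup such that", where "setup" is the noun form. The verb is two words, so this should read "It's set up such that". The line is already being rewrapped in this commit, so it is a cheap fix to fold in.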
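Review bot: In the hunk at @@ -116,7 +116,7 @@, the command still points at =/etc/netstat= on both the removed and the added line, but the OpenBSD network startup script is =/etc/netstart=. A reader who copies =doas sh /etc/netstat= gets an error instead of a reconfigured interface. Dropping the =vio0= argument also changes the behaviour: without an interface name the script reconfigures every interface, not just the one whose hostname file was edited. Suggest =doas sh /etc/netstart vio0=, or a sentence explaining why all interfaces are restarted.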
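Review bot: In the hunk at @@ -156,7 +156,7 @@, changing "add" to "modify" leaves the preposition behind, so the sentence now reads "modify the =auth-user-pass= directive to our =profile.ovpn= file"; it should be "in our =profile.ovpn= file". The following context line, "This will allow us run OpenVPN as a daemon", is missing "to" and could be fixed in the same pass.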
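Review bot: In the hunk at @@ -168,7 +168,8 @@, the new sentence tells the reader to put "the name of our password file" after =auth-user-pass=, but the example that follows uses =vpnpass.txt= while the file created earlier in the post is =/root/vpnpasswd.txt=. With the names out of sync OpenVPN will not find the credentials and the unattended login this section sets up will fail. Suggest making the example match the file created above and using the full path, i.e. =auth-user-pass /root/vpnpasswd.txt=, so it does not depend on the directory OpenVPN is started from.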