master/vpn_builder
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
135626f4a0dd0e49d08e6ea8fbc247d697f50e11
vpn_builder/README.md
master 135626f4a0 Init
2025-03-19 19:27:42 -05:00

80 lines
2.1 KiB
Markdown
Raw Blame History

# OpenVPN Server Setup Script
This script automates the process of setting up an OpenVPN server on a VPS running Ubuntu/Debian. It handles the installation, certificate generation, and configuration of OpenVPN.
## Prerequisites
- A VPS running Ubuntu/Debian
- Root access to the server
- OpenSSH access to the server
## Installation
1. Copy the `setup_openvpn.sh` script to your server
2. Make the script executable:
```bash
chmod +x setup_openvpn.sh
```
3. Run the script as root:
```bash
sudo ./setup_openvpn.sh
```
## What the Script Does
1. Updates the system
2. Installs OpenVPN and required packages
3. Sets up the PKI (Public Key Infrastructure)
4. Generates server certificates and keys
5. Configures the OpenVPN server
6. Sets up firewall rules
7. Creates a client certificate generation script
## Generating Client Certificates
After the server is set up, you can generate client certificates using the provided script:
```bash
sudo /etc/openvpn/server/generate-client.sh <client-name>
```
This will create a client configuration file in `/etc/openvpn/client/<client-name>.ovpn`
## Connecting to the VPN
1. Copy the generated `.ovpn` file from `/etc/openvpn/client/` to your local machine
2. Install OpenVPN client on your local machine
3. Import the `.ovpn` file into your OpenVPN client
4. Connect to the VPN
## Security Notes
- The script uses UDP port 1194 (default OpenVPN port)
- AES-256-CBC encryption is used
- The server uses Google DNS (8.8.8.8 and 8.8.4.4)
- The VPN subnet is set to 10.8.0.0/24
- The script enables IP forwarding and configures the firewall
## Troubleshooting
If you encounter any issues:
1. Check the OpenVPN server logs:
```bash
sudo journalctl -u openvpn@server
```
2. Verify the firewall rules:
```bash
sudo ufw status
```
3. Check if the OpenVPN service is running:
```bash
sudo systemctl status openvpn@server
```
## Important Files
- Server configuration: `/etc/openvpn/server/server.conf`
- Client configurations: `/etc/openvpn/client/`
- Server certificates: `/etc/openvpn/server/`
- Client certificate generation script: `/etc/openvpn/server/generate-client.sh`
Reference in New Issue View Git Blame Copy Permalink