Show pagesourceOld revisionsBacklinksBack to top Share via Share via... Twitter LinkedIn Facebook Pinterest Telegram WhatsApp Yammer RedditRecent ChangesSend via e-MailPrintPermalink × Table of Contents Howto Set Up a VPN Description Necessary Software Modules Port forwarding VPN settings in Nethserver OpenVPN Client Howto Set Up a VPN Version / Revision: V1.0 / R2. For: Beginners Skill: General audience. Published: 2016-03-17 Review: 2016-03-17 Contact: Nethserver community forum Description The Howto describe the principle steps to set up a VPN connection. It will not handle any special configuration. The Howto refer to a simple network as shown in the picture. Version: 1.0 Author: Nas, WillZen Necessary Software Modules For the VPN are following software modules necessary. If not already done install them via Menu → Software Centre VPN Firewall Port forwarding Login in your modem/router and look where you can assign a port forwarding. Every brand has an different GUI and the port forwarding can located under different menu entries. In our example the port 1194 will be forwarded to the RED network of the Nethserver with its IP address 192.168.0.10 port 1194 UDP Port 1194 -> 192.168.0.10 VPN settings in Nethserver In the menu left hand side click on VPN. On the top of the VPN administration windows are five TABS: Accounts, Clients, L2TP/IPsec, IPsecTunel, OpenVPN Accounts Create a new user. You can create a new user or add an exist Nethserver user. OpenVPN Enable roadwarrior server by clicking in the box. Decide which authentication should be use. More information about OpenVPN setting can be found at Howto OpenVPN Under Mode choose Routed Mode. With Routed Mode your are connected with the server. To prevent any conflict with the IP range at your location and where the server is the Network IP address has to be different. In our example is the local IP address 192.168.0.0/24 and where the server is as well. We use another private IP address 10.10.0.0. You can also assign 10.0.0.0 or 172.16.0.0. or another starting address as long as you know what you are doing. The Netmask is 255.255.255.0 in our case. More about IP addressing can be found at Daryl's TCP/IP Primer Under Advanced you can choose Route all client traffic through VPN Allow client-to-client network traffic Route all client traffic through VPN you can choose if you intend to use your VPN connection at public area or foreigner countries like China. If the connection not any more checked by someone the speed can be higher. Everything will be routed via the server but have in mind your download speed is limited from the upload speed of your server connection. If you have a unsymmetrical the upload speed is usual 10% of the download speed. Allow client-to-client network traffic is the right choice if you work at home and need the connection to the server in the company. Your will use you local connection if you brows the internet. Enable Enable LZO compression by clicking in the box. Connection parameters In Contact this server on public IP / host is already the server name. If you don't have a fix IP address, which is common by non commercial contracts, you have to broadcast your public host name via a dynamic DNS service. Your IP address will usual assign new after every disconnection. In some counties is this done by the ISP every 24 hours. Via e.g. DynDNS.org is it possible to broadcast your public host name. E.g SuperDuperServer.com. Some modem support the dynamic DNS service and inform the e.g DynDNS.org if the IP address changed. If you don't want to use or you can't a host name insert your public IP address. In our case it would be 212.111.122.xxx. You have to be aware that the IP address can change if you don't have fix IP. Download OpenVPN settings In Accounts is on the right hand side the Edit field for your previous created user. If you click on the black triangle the menu pops down. Choose Download. On top of the page a new windows opens. Download OpenVPN configuration and save it on your computer where you will find it again. OpenVPN Client Download from OpenVPN.org the right client for you OS system. On a Windows PC install the openvpn-installer-xxx.exe Because the client has to write and need access to system relevant data it has to run as administrator. You can set it permanently via right click on the icon. In the pop up menu choose Properties. Choose Advance.. and in the new windows choose the first option: Run as administrator Starting OpenVPN Client You have different option to start the client: Right click on an FILE.ovpn. Choose Start OpenVPN on this config file. Save your config file File.ovpn in \Program Files\OpenVPN\config. Start the OpenVPN client via menu or double click on the icon. In the lower right corner of Windows search for the OpenVPN icon of the running client. Right click will open the menu. Choose Connect. user/willzen.txt Last modified: 2016/03/17 06:36by Stephane de Labrusse