RaspberryPi/OpenVPN: Difference between revisions

From charlesreid1
Line 19: Line 19:


Initially, 0 was selected. Select the one called <code>iptables-legacy</code>.
Initially, 0 was selected. Select the one called <code>iptables-legacy</code>.
==OpenVPN==


===Installing OpenVPN===
===Installing OpenVPN===

Revision as of 10:37, 24 November 2019

Pihole, OpenVPN, DNSCrypt

Preparing the Pi

Fixing iptables

On the Kali linux pi image I used, I had to fix iptables to use a legacy NAT mode: 

$ sudo update-alternatives --config iptables
There are 2 choices for the alternative iptables (providing /usr/sbin/iptables).

  Selection    Path                       Priority   Status
------------------------------------------------------------
  0            /usr/sbin/iptables-nft      20        auto mode
* 1            /usr/sbin/iptables-legacy   10        manual mode
  2            /usr/sbin/iptables-nft      20        manual mode

Initially, 0 was selected. Select the one called iptables-legacy.

OpenVPN

Installing OpenVPN

wget https://git.io/vpn -O openvpn-install.sh
chmod 755 openvpn-install.sh
sudo ./openvpn-install.sh

This will ask you which interface the openvpn server should bind to. Select the one that is public-facing (the internet).

I used the default port 1194, defaults for everything else.

Grab a coffee, this will install a bunch of stuff.

Checking OpenVPN Interface

OpenVPN will create a tun0 interface. Get its IP address: 

ifconfig tun0 | grep 'inet'

Now take note of this IP address, as we will need to set a DNS option for our OpenVPN connection.

Edit /etc/openvpn/server/server.conf

Add the tun0 interface by adding the line 

push "dhcp-option DNS <IP-ADDR-OF-TUN0-INTERFACE>"

For me, 

push "dhcp-option DNS 10.8.0.1

Also comment out any other push "dhcp-option DNS lines.

Now restart the OpenVPN server: 

sudo systemctl restart openvpn
Retrieved from "https://charlesreid1.com/w/index.php?title=RaspberryPi/OpenVPN&oldid=27116"