Linux as server

Sme -Linux gateway server-

My Sme7 howto's-

Linux commands

Just pretty photos

roadwarrior setup with openvpn 2.0.9 for Openvpn

Intro

My aim is to set up an openvpn config where an internet user can access a server on the internet. From the server you can setup connections to internet, or to an internal net (which is not included in the setup.)
In linuxjournal I have already explained howto let road-warriors use openvpn to connect to your networks in a save manner.
The new setup however has some new features and is simpler: the new openvpn version makes this possible.

Config files and what they do

Server setup
##server config file
port 1194 #udp port
dev tun # routed setup
tls-server
dh dh2048.pem
ca ca.crt
cert server.crt
key server.key
# server and client point-to-point network server 192.168.100.0 255.255.255.0
mtu-test
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
keepalive 10 120
#use plugin to authenticate against passwd file linux-server plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so login
#default gateway for all traffic will be via the openvpn connection push "redirect-gateway"
push "dhcp-option DNS server-ip-address" #push DNS entries to client
comp-lzo
status-version 2
status openvpn-status.log
verb 4
################end

Client setup
###############
dev tun
remote ip-address-server-here
tls-client
ca ca.crt
cert client.crt
key client.key
mtu-test
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
pull
comp-lzo
verb 4
#user/password authentication on top of certificates #because someone can steel that laptop and you need some time to revoke the certificate --auth-user-pass
##########################################