ssh root@
apt-get install openvpn openssl easy-rsa iptables bash-completion
mkdir /etc/openvpn/easy-rsa
cd /etc/openvpn/easy-rsa/
cp -r /usr/share/easy-rsa/* /etc/openvpn/easy-rsa/
ls -l
nano vars
source ./vars
./clean-all
./build-ca
./build-key-server ServerV2
./build-key clientV1
./build-dh
openvpn --genkey --secret keys/ta.key
cd keys/
ls -l
mkdir /etc/openvpn/ccd
cp ServerV2.crt ServerV2.key ca.crt dh2048.pem ta.key /etc/openvpn/
cp clientV1.crt clientV1.key ca.crt ta.key /etc/openvpn/ccd/
cd /etc/openvpn/ or cd ..
nano ServerV2.conf
----------------------------------------------------
Конфиг сервера:
port 1194
proto udp
dev tun
ca ca.crt
cert ServerV2.crt
key ServerV2.key
dh dh2048.pem
tls-auth ta.key 0
cipher AES-256-CBC
server 10.0.0.0 255.255.255.0
keepalive 10 120
persist-key
persist-tun
client-config-dir ccd
status ServerV2-status.log
log /var/log/ServerV2.log
verb 3
comp-lzo
sndbuf 0
rcvbuf 0
push "redirect-gateway def1"
push "dhcp-options DNS 8.8.8.8"
-------------------------------------------------------
service openvpn restart
tail -f /var/log/syslog
nano /var/log
openvpn --config ServerV2.conf
tail -f /var/log/ServerV2.log
netstat -npl
nano /etc/sysctl.conf
убирать # перед net.ipv4.ip_forward=1
echo 1 >> /proc/sys/net/ipv4/conf/all/forwarding
ifconfig
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o ens3 -j MASQUERADE
iptables-save > /etc/iptables.rules
nano /etc/network/interfaces
------------------------------------------------------------
Идем вниз и пишем:
pre-up iptables-restore < /etc/iptables.rules
------------------------------------------------------------
reboot
ping 195.2.81.250
netstat -npl
iptables -L -t nat
cd /etc/openvpn/ccd
ls -l
nano clientV1.conf
------------------------------------------------------------
Конфиг клиента:
client
dev tun
proto udp
remote 195.2.81.250 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert clientV1.crt
key clientV1.key
tls-auth ta.key 1
cipher AES-256-CBC
ns-cert-type server
comp-lzo
log clientV1.log
verb 3
sndbuf 0
rcvbuf 0
------------------------------------------------------------
apt install iperf3
apt install git
git clone https://github.com/sivel/speedtest-cli.git
cd speedtest-cli/
ls -l
python3 speedtest_cli.py
если питона нет то установить её с помощью команды apt install python3
iperf3 -s