Installing openvpn on Linux Debian wheezy 7

I have installed openvpn on my Debian system so it’s possible to surf with my winhoos laptop on the amprnet. Work quite nice

In this description I do not give much text and explanation. On the internet there is plenty to find about configuring openvpn.

This is what I use, it’s a simple setup.

Enable Packet Forwarding

Change
#net.ipv4.ip_forward=1
to
net.ipv4.ip_forward=1

Save and exit

Changes to your own needs.

In the same vars file, also edit this one line shown below.

Also changes to your own needs.

Next

Cd to directory easy-rsa

Hit ENTER to accept defined, default values.

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Press ENTER to pass through each one.

Hit (Y) and enter

Sign the certificate? [y/n]
1 out of 1 certificate requests certified, commit? [y/n]

Generate Certificates and Keys for Clients

Press ENTER to accept the defaults.

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Hit (Y) enter

Sign the certificate? [y/n]
1 out of 1 certificate requests certified, commit? [y/n]

Copy the the files to the client computer in the c:\certs directory.

pd2lt.crt
pd2lt.key
pd2lt.ovpn
ca.crt

Jnos ampr gateway

Setup Jnos ampr gateway

 

Policy based routing Amprnet

Setup een amprnet gateway met policy based routing.

Neem een kijkje op deze website voor de uitleg.
http://wiki.ampr.org/wiki/Startampr

############# tunnel ampr.org ################################
ifconfig tunl0 up 44.137.31.65/27 multicast
ip tunnel change ttl 64 mode ipip tunl0
ip link set dev tunl0 up
################# default route naar gw-44-137.ampr.org ##################
ip route add default dev tunl0 via 213.222.29.194 onlink table 44
######################## route ampr.org #################################
ip rule add to 44.0.0.0/8 table 44 priority 44
ip rule add from 44.137.31.64/27 table 44 priority 45
# Xnet Route
ip route add 44.137.31.70 dev sl0 table 44 src 44.137.31.69
# Jnos Route
ip route add 44.137.31.67 dev tun0 table 44 src 44.137.31.68
ip rule add from 44.137.31.64/27 to 192.168.1.0/24 table main priority 22
ip rule add to 44.137.31.64/27 table main priority 44
ip rule add dev tunl0 table 44 priority 45
ip rule add dev eth0 table 44 priority 46
ip rule add from 44.137.31.64/27 table 44 priority 47

### STARTS THE ampr-ripd ROUTER DAMEON
# -s saves routes to /var/lib/ampr-ripd/encap.txt
# -r use raw socket instead of multicast
# -t routing table to use
# -i tunnel interface to use
# -p RIPv2 password (latest ampr-ripd defaults to the current valid password)
# -a ampr subnets to be ignored (remove your allocation from the table)
/usr/sbin/ampr-ripd -s -r -t 44 -i tunl0 -L pi1lap@jo11vn

Ampr Gateway

Configuratie voorbeeld van een Ampr Gateway. Hier heb je het volgende programma(tje) voor nodig.
http://www.yo2loj.ro/hamprojects/ampr-ripd-1.15.tgz

Ik heb dit toegevoegd in het filetje /etc/rc.local zodat het bij het booten van het systeem automatische wordt geladen.

Voor de rest heb ik nog wat regeltjes toegevoegd in de firewall. (de geleerde zullen er wel opmerkingen over hebben. Maar dit werkt voor mij)