VPN 2: CentOS 7 + OpenVPN
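# OpenVPN server on CentOS 7 (easy-rsa 2.0 PKI, iptables NAT), followed by the
# client-side config and a reconnect wrapper. These are step-by-step notes:
# the vim steps are interactive, so run the commands one at a time as root
# rather than executing the listing as a script.

# --- SERVER: packages -------------------------------------------------------
yum install -y iptables-services net-tools mlocate vim zip epel-release

# TODO: figure out how to enable dnsmasq
#yum install -y dnsmasq
#systemctl enable dnsmasq.service
#systemctl start dnsmasq.service
#sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.old

yum install openvpn easy-rsa -y

# --- SERVER: server.conf ----------------------------------------------------
cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn
vim /etc/openvpn/server.conf
# check: udp, dns
# make sure:
#   dh dh2048.pem
# uncomment:
#   push "redirect-gateway def1 bypass-dhcp"
#   # for some reason these are not applied:
#   push "dhcp-option DNS 208.67.222.222"
#   push "dhcp-option DNS 208.67.220.220"
#   user nobody
#   group nobody
# NOTE(review): a Linux openvpn client does not apply pushed dhcp-option DNS
# entries on its own; it needs an up/down script that rewrites the resolver
# configuration. Until that is set up, DNS lookups may keep using the local
# resolver instead of the tunnel - presumably the reason noted above; confirm.
# user/group nobody makes the daemon drop root privileges after start-up.

###

# --- SERVER: PKI with easy-rsa 2.0 -------------------------------------------
mkdir -p /etc/openvpn/easy-rsa/keys
cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa
#vim /etc/openvpn/easy-rsa/vars
cp /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf
cd /etc/openvpn/easy-rsa
source ./vars
./clean-all
./build-ca
./build-key-server server   # Enter, enter, enter
./build-dh
cd /etc/openvpn/easy-rsa/keys
cp dh2048.pem ca.crt server.crt server.key /etc/openvpn
cd /etc/openvpn/easy-rsa
# build-key writes client.key without a passphrase; easy-rsa 2.0 also ships
# build-key-pass when the client key should be passphrase-protected.
./build-key client

# --- SERVER: firewall and routing -------------------------------------------
systemctl mask firewalld
systemctl enable iptables
systemctl stop firewalld
systemctl start iptables
# NOTE(review): --flush empties every chain of the filter table and the
# iptables-save below makes that permanent. Chain policies are left as they
# are, so if they are ACCEPT the host ends up with no inbound filtering.
# Check with `iptables -S` and add explicit rules (established traffic, SSH,
# udp/1194) before saving.
iptables --flush
# 10.8.0.0/24 has to match the "server" line in server.conf; eth0 is assumed
# to be the outbound interface - confirm with `ip route`.
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables

vim /etc/sysctl.conf
# add:
#   net.ipv4.ip_forward = 1
systemctl restart network.service

systemctl -f enable openvpn@server.service
systemctl start openvpn@server.service

# --- SERVER: hand the client credentials over -------------------------------
cd /etc/openvpn/easy-rsa/keys/
zip -9 keys.zip ca.crt client.crt client.key
# The archive holds the client private key unencrypted: make it root-only
# before it is placed in /, where other local accounts could otherwise read it.
chmod 600 keys.zip
mv keys.zip /
# copy to local machine over an encrypted channel (e.g. scp), then remove the
# server-side copy:
#   rm -f /keys.zip

# --- LOCAL (client machine): client.ovpn ------------------------------------
# comp-lzo has to match the server; the steps above do not show it being
# enabled in server.conf - confirm both sides agree.
cat > client.ovpn <<'EOF'
client
dev tun
proto udp
remote SERVER_IP_HERE 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
ca ca.crt
cert client.crt
key client.key
# Accept only a peer that presents a server certificate (build-key-server
# issues one); without this any certificate signed by the same CA, including
# another client's, would be accepted as the server.
remote-cert-tls server
EOF

sudo openvpn --config ~/path/to/client.ovpn

# --- LOCAL: vpn.sh, reconnect wrapper ---------------------------------------
# Brings eth0 up, runs the VPN in the foreground, takes eth0 down again once
# openvpn exits, then waits for Enter before the next round.
cat > vpn.sh <<'EOF'
#!/bin/bash
while true; do
  echo "============= INIT VPN ==========="
  # Stop instead of toggling the interface from the wrong directory.
  cd /home/user/vpn/ || exit 1
  sudo ifup eth0
  sudo openvpn client.ovpn
  sudo ifdown eth0
  cd - || exit 1
  echo "============= VPN closed ============="
  echo "repeat?"
  read -r _
done
EOF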