Changes between Version 10 and Version 11 of UserGuide/VPN


Ignore:
Timestamp:
05/22/2023 03:51:28 PM (13 months ago)
Author:
bendikro
Comment:

Update FreeBSD section with openvpn settings

Legend:

Unmodified
Added
Removed
Modified
  • UserGuide/VPN

    v10 v11  
    4848Using openvpn you can set up the alternate routing table automatically: 
    4949 
    50  1. Create /usr/local/etc/openvpn/link-up.sh with the following content: 
    51  {{{ 
     50==== UP/DOWN scripts ==== 
     51Create /usr/local/etc/openvpn/link-up.sh with the following content: 
     52{{{ 
    5253 #!/bin/sh 
    5354 
     
    7273 # This is also required if you have your router as DNS resolver in /etc/resolv.conf 
    7374 /usr/sbin/setfib $FIB_NUM /sbin/route add ${LOCAL_NETWORK_CIDR} -iface ${IFACE} 
    74  }}} 
     75}}} 
    7576 
    7677And Create /usr/local/etc/openvpn/link-down.sh with the following content: 
    77  {{{ 
     78{{{ 
    7879 #!/bin/sh 
    7980 
     
    9394 # Remove rule that routes all local traffic to em0 interface  
    9495 /usr/sbin/setfib $FIB_NUM /sbin/route delete ${LOCAL_NETWORK_CIDR} -iface ${IFACE} 
    95  }}} 
     96}}} 
    9697 
    97  2. Add the following lines to the vpn config file 
    98  {{{ 
     98Make the scripts executable: 
     99{{{ 
     100 chmod u+x /usr/local/etc/openvpn/link-up.sh 
     101 chmod u+x /usr/local/etc/openvpn/link-down.sh 
     102}}} 
     103 
     104==== OpenVPN config ==== 
     105Add the following lines to the openvpn config file: 
     106{{{ 
     107 script-security 2 # allow scripts to be run 
     108 route-noexec # prevent default route being added to main routing table 
     109 up-restart # up scripts are run on restart as well 
    99110 up "/usr/local/etc/openvpn/link-up.sh" 
    100111 down "/usr/local/etc/openvpn/link-down.sh" 
    101  }}} 
    102  
    103  3. Make the scripts executable 
    104  chmod u+x /usr/local/etc/openvpn/link-up.sh 
    105  chmod u+x /usr/local/etc/openvpn/link-down.sh 
    106  
     112}}} 
    107113 
    108114Now test by running openvpn manually and see the output from the up/down scripts 
     
    111117}}} 
    112118 
     119==== Verify and run==== 
    113120Verify the routing table content: 
    114121{{{ 
     
    124131Now you can run deluged on the new routing table with: 
    125132{{{ 
    126  $ setfib 1 /path/to/deluged -L info -i tun0 -o tun0 
     133 $ setfib 1 deluged -L info -i tun0 -o tun0 
    127134}}} 
    128135