# which is in the plugins/ directory of the OpenVPN source tree # will require the use of the OpenVPN "down-root" plugin # the client "up" script will run fine, but the "down" script # This runs with the context of the OpenVPN UID/GID # It should work with any UNIX with a POSIX sh, /etc/nf or resolvconf # Tested under Debian lenny with OpenVPN 2.1_rc11 # Note that this script is best served with the companion "client.down" # Next, "chmod a+x /etc/openvpn/client.up" # Then, add the following to your /etc/openvpn/.conf: # PURPOSE: This script automatically sets the proper /etc/nf entries On reboot openvpn client will start automatically. Set openvpn flags rcctl set openvpn flags "-daemon -config /etc/openvpn/proton.ovpn" Tunnel in our config already starts on boot, this is just another option, if running a VPN server this is how it would be done. Starting the openvpn automatically when system boots using the client. If credentials are not saved, openvpn will ask you to enter your username and password. With -verb 9 flag for more verbose output /usr/local/sbin/openvpn -config /etc/openvpn/proton.ovpn -verb 9 usr/local/sbin/openvpn -config /etc/openvpn/proton.ovpn -verb 9 Manual connect to VPNįor testing you can start the VPN as root.ĭaemon mode /usr/local/sbin/openvpn -daemon -config /etc/openvpn/proton.ovpn Reboot the system to reset the tunnel to connect to VPN. Then chech the network is down by running dig You can also reset ProtonVPN credentials while tunnel is on dig īring the tunnel downe ifconfig tun0 down See which DNS server responds to our queries, at the bottom. Look at nf for ProtonVPN DNS our queries will go through. Below are some micelaneous commnads to test the tunnel. Reboot and your VPN tunnel should be up and running. This interferes with client.up script which has to modify nf in order to prevent DNS leaks by adding ProtonVPN DNS servers to nf, so that way our queries do not go through our local DNS. Remove or comment out autoconf line and paste !dhclient \$if instead.ĭisabling resolvd is needed because it rewrites the nf file if it detects the file has been changed, or rewrites the file if it has been deleted. In my case it is named hostname.hvn0 nano /etc/hostname.hvn0 This would be the main interface that was created during install. It will look like this: auth-user-pass /etc/openvpn/thĮdit file permissions for security chown root:wheel /etc/openvpn/thĭisable resolvd and dhcpleased by running: rcctl disable resolvd dhcpleasedĮnable dhclient(8) by adding "!dhclient \$if" to hostname.if(5). nano /etc/openvpn/proton.ovpnĪdd /etc/openvpn/th at the end of auth-user-pass. !/usr/local/sbin/openvpn -daemon -config /etc/openvpn/proton.ovpnĪuto connect to VPN and avoid having to entering username and password at the prompt by saving the credentials to a file.Ĭopy your IKEv2 ProtonVPN username and password.Ĭreate a new file and paste your username and password on two lines. nano /etc/hostname.tun0Īnd add the following to the /etc/hostname.tun0 file. Create Network InterfaceĬreate a file named /etc/hostname.tun0. In order to link the scripts we downloaded. Edit configĮdit the the two lines below in the proton.ovpn file. Move the config file to /etc/openvpn/ folder. Rename the downloaded config file .ovpn to proton.ovpn for simplicity. ovpn fileĭownload a Linux configuration file from ProtonVPN Downloads page. You can also copy scripts at the end of the page. Make scrits executable chmod +x client.up client.down mkdir /etc/openvpn/ĭownload client.up and client.down scripts from GitHub and place them in /etc/openvpn directory. Create a new directory to place config files and scripts.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |