Update 2020–08: Easy-RSA looks for a vars file and gives an error otherwise. Creation of an empty file has been added to the steps.

Many restricted environments force people to use VPN servers. There are VPN providers available for free or paid use, but there are also many people who don't trust these providers. In this post, we will examine a method for creating your own OpenVPN server with Docker. We will also try to simplify it so that it can be completed in 5 minutes or less. Our OpenVPN server will also be capable of handling multiple user accounts and different port options thanks to Docker's easy port exporting options. We will use UDP port 3000, which is different from OpenVPN's default port (UDP 1194).

We will not use a pre-built image. Instead, we will make our own image from a Dockerfile and other scripts written by kylemanna and licensed under MIT. We will clone this repository and build our image.

First, clone the git repository onto our server:

```
git clone
```

Change the current directory to our cloned repository:

```
cd docker-openvpn/
```

Build a new Docker image from these files. We will name it myownvpn in this example:

```
docker build -t myownvpn .
```

Afterwards, we need a volume or directory to store our config files and keys. This is a very significant step because our keys will be put in that directory. For that reason, I suggest you keep that directory safe.

```
mkdir vpn-data && touch vpn-data/vars
```

Now we can generate the OpenVPN config file:

```
$ docker run -v $PWD/vpn-data:/etc/openvpn --rm myownvpn ovpn_genconfig -u udp://IP_ADDRESS:3000
Processing PUSH Config: 'block-outside-dns'
Processing Route Config: '192.168.254.0/24'
Processing PUSH Config: 'dhcp-option DNS 8.8.8.8'
Processing PUSH Config: 'dhcp-option DNS 8.8.4.4'
Successfully generated config
Cleaning up before Exit.
```

Be sure that your IP address is written in place of IP_ADDRESS in the command above. You should get output that looks like the example.

Next, we initialize the PKI. This covers generating our CA certificate, and we will have a private key that belongs to the PKI. We will be asked for a passphrase to protect the private key. The command and truncated output will look like this:

```
$ docker run -v $PWD/vpn-data:/etc/openvpn --rm -it myownvpn ovpn_initpki
init-pki complete you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/pki
Generating a 2048 bit RSA private key.
+++
writing new private key to '/etc/openvpn/pki/private/ca.key.XXXXCFGIEm'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase.
Common Name (eg: your user, host, or server name) :g
CA creation complete and you may now import and sign cert requests.
Your new CA certificate file for publishing is at:
/etc/openvpn/pki/ca.crt
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time.
# Wait a while
Enter pass phrase for /etc/openvpn/pki/private/ca.key:
Check that the request matches the signature.
Enter pass phrase for /etc/openvpn/pki/private/ca.key:
An updated CRL has been created.
CRL file: /etc/openvpn/pki/crl.pem
```

Finally, we can run the VPN server based on that config:

```
$ docker run -v $PWD/vpn-data:/etc/openvpn -d -p 3000:1194/udp --cap-add=NET_ADMIN myownvpn
```

In order to connect to this OpenVPN server, we can create a user per connection with this command:

```
$ docker run -v $PWD/vpn-data:/etc/openvpn --rm -it myownvpn easyrsa build-client-full user1 nopass
Generating a 2048 bit RSA private key.
+++
writing new private key to '/etc/openvpn/pki/private/'
-
Using configuration from /usr/share/easy-rsa/openssl-1.0.cnf
Enter pass phrase for /etc/openvpn/pki/private/ca.key.
```

Note that we added a user with the username user1 and passed the nopass option. With that option the client key is not passphrase-protected, so the user can connect directly with the configuration file.
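The walkthrough protects the CA key with a passphrase, issues the client key with nopass, and asks you to keep vpn-data safe. The script below is an added example (not from the original post or the docker-openvpn project) that audits that directory, flagging any `*.key` file under `pki/private` that is readable by group or others or that is not passphrase-encrypted. The `pki/private` layout is taken from the paths shown in the command output; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# audit_vpn_keys DIR: print one line per finding, return 1 if any were found.
audit_vpn_keys() {
    dir=$1
    findings=0
    for key in "$dir"/pki/private/*.key; do
        [ -f "$key" ] || continue
        # Characters 5-10 of `ls -l` are the group and other permission bits.
        perms=$(ls -ld "$key" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "LOOSE_MODE $key"
            findings=$((findings + 1))
        fi
        # An encrypted PEM key has either the PKCS#8 "ENCRYPTED" header or
        # the traditional OpenSSL "Proc-Type: 4,ENCRYPTED" line.
        if ! grep -q -e 'BEGIN ENCRYPTED PRIVATE KEY' \
                     -e 'Proc-Type: 4,ENCRYPTED' "$key"; then
            echo "UNENCRYPTED $key"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample tree: dummy file contents, not real keys.
# ca.key mimics a passphrase-protected key, sample-client.key a nopass key.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/pki/private"
    printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'constructed' \
        '-----END ENCRYPTED PRIVATE KEY-----' > "$root/pki/private/ca.key"
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' 'constructed' \
        '-----END PRIVATE KEY-----' > "$root/pki/private/sample-client.key"
    chmod 600 "$root/pki/private/ca.key"
    chmod 644 "$root/pki/private/sample-client.key"
    echo "$root"
}

sample=$(make_sample_tree)
audit_vpn_keys "$sample" || echo "findings reported for $sample"
rm -rf "$sample"
```

Run `audit_vpn_keys ./vpn-data` from the directory where vpn-data was created. An UNENCRYPTED line for a client key issued with nopass is expected, and means that file needs the same care as a password.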