![\"\"](\"https:\/\/artem.services\/wp-content\/uploads\/2018\/10\/OpenVPN.png\")
<\/p>\n<\/p>\n
Link 2 remote nodes in between so that communication between them is "transparent". Channel stability, speed and, of course, safety are also important.<\/p>\n
Imagine that there are 2 nodes:<\/p>\n
Install OpenVPN<\/strong> on them<\/p>\n CentOS<\/strong>:<\/p>\n Ubuntu<\/strong>:<\/p>\n <\/p>\n On the Server<\/strong> node, create a directory for storing keys:<\/p>\n Generate a key:<\/p>\n Create a configuration file:<\/p>\n With the following contents:<\/p>\n Add to startup and run:<\/p>\n Verify that you have access to the node on port 1194 TCP<\/strong>. Also note that for OpenVPN<\/strong> support for TUN\/TAP<\/strong> tunnels is required, if you have an openVZ<\/strong> virtual machine, check with the hoster whether it has enabled support or not, often they do not provide TUN\/TAP<\/strong> support at low rates.<\/p>\n Go to the Client node<\/p>\n Create a directory for storing keys:<\/p>\n Here we paste the contents of the key that was generated on the Server<\/strong> node<\/p>\n Change the key permission:<\/p>\n Create a configuration file:<\/p>\n With the following contents:<\/p>\n Add to startup and run:<\/p>\n That’s it, Site-to-Site communication is configured, check.<\/p>\n Do not forget about the firewall.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Goal: Link 2 remote nodes in between so that communication between them is "transparent". Channel stability, speed and, of course, safety are also important. Imagine that there are 2 nodes: Server — IP 1.1.1.1 Client — IP 2.2.2.2 Install OpenVPN on them CentOS: Ubuntu:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1335],"tags":[855,1337,375],"_links":{"self":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/1678"}],"collection":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1678"}],"version-history":[{"count":3,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/1678\/revisions"}],"predecessor-version":[{"id":1684,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/1678\/revisions\/1684"}],"wp:attachment":[{"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1678"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1678"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\r\nyum install -y epel-release\r\nyum install -y openvpn easy-rsa\r\n<\/pre>\n
\r\napt install -y openvpn\r\n<\/pre>\n
\r\nmkdir -p \/etc\/openvpn\/keys\/ && cd \/etc\/openvpn\/keys\/\r\n<\/pre>\n
\r\nopenvpn --genkey --secret vpn.key\r\n<\/pre>\n
\r\nvim \/etc\/openvpn\/server.conf\r\n<\/pre>\n
\r\ndev tun\r\nproto tcp-server\r\nlocal 1.1.1.1\r\nlport 1194\r\nremote 2.2.2.2\r\nrport 1194\r\nsecret \/etc\/openvpn\/keys\/vpn.key 0\r\nifconfig 192.168.1.1 192.168.1.2\r\nroute 192.168.1.2 255.255.255.255\r\nuser nobody\r\ngroup nobody\r\npersist-tun\r\npersist-key\r\nkeepalive 10 60\r\nping-timer-rem\r\nverb 0\r\ndaemon\r\ntun-mtu 48000\r\nfragment 0\r\nmssfix 0\r\ncomp-lzo\r\ncipher aes-256-cbc\r\ntcp-nodelay\r\nsndbuf 0\r\nrcvbuf 0\r\npush "sndbuf 524288"\r\npush "rcvbuf 524288"\r\n<\/pre>\n
\r\nsystemctl enable openvpn@server\r\n<\/pre>\n
\r\nsystemctl start openvpn@server\r\n<\/pre>\n
\r\nmkdir -p \/etc\/openvpn\/keys\/ && cd \/etc\/openvpn\/keys\/\r\n<\/pre>\n
\r\nvim \/etc\/openvpn\/keys\/vpn.key\r\n<\/pre>\n
\r\nchmod 600 \/etc\/openvpn\/keys\/vpn.key\r\n<\/pre>\n
\r\nvim \/etc\/openvpn\/client.conf\r\n<\/pre>\n
\r\ndev tun\r\nproto tcp-client\r\nlocal 2.2.2.2\r\nlport 1194\r\nremote 1.1.1.1\r\nrport 1194\r\nsecret \/etc\/openvpn\/keys\/vpn.key 1\r\nifconfig 192.168.1.2 192.168.1.1\r\nroute 192.168.1.1 255.255.255.255\r\nuser nobody\r\ngroup nobody\r\npersist-tun\r\npersist-key\r\nkeepalive 10 60\r\nping-timer-rem\r\nverb 0\r\ndaemon\r\ntun-mtu 48000\r\nfragment 0\r\nmssfix 0\r\ncomp-lzo\r\ncipher aes-256-cbc\r\n<\/pre>\n
\r\nsystemctl enable openvpn@client\r\n<\/pre>\n
\r\nsystemctl start openvpn@client\r\n<\/pre>\n