![]() If I understood well, after starting the server I have to generate the client certificate (public?) and the client ovpn file to be distributed and used on the client machine. On the iptables configuration is specified 1194 as port and 10.8.0.0/24 as vpn subnet: what does it means? Can I change it with some other ip and/or port? I’m using 192.168.69.XXX on my LAN. Just one note: if you try to follow the same article make sure that all of your IP_TABLES rules are restored after every reboot otherwise your VPN won’t work I can provide more information about that also ![]() I manage to configure my OpenVPN server following the instructions from this article: click me. From my explanation you can see that I have a lot thinks that are running on my Pi and everything is absolutely stable. That NAS is holding my roms for Retrosmc, all my videos/movies/music (all my Kodi libraries), ownCloud main storage and my torrent client download folders.Īnd about your router - I think that it will be enough to forward needed ports for your VPN serverĪnd about your last question: IMHO your current configuration (Pi2 + usb HDD) is absolutely fine. I have 2TB NAS attached directly to my router and that NAS is mounted at my Pi via NFS. OSMC + torrent client + full web server(php, apache, mysql) + ownCloud + OpenVPN server + CUPS (server to share my printers at home) + Retrosmc ( master piece ) + I think that there was something else also I hope that this explanation will help you to design your own solutionįirst of all I want to clarify that my VPN server is running directly on my Pi, so at this Pi I have running: I spend some time to configure everything but last 8 mounts it is very stable and I’m happy and secure ![]() I’m using the same domain to access my Pi when I’m at home and I’m using my home network - I’ve just add new record at my router to redirect all request about this domain to Pi’s local IP. at top of all this I bought one domain and it is pointing to my public IP address - its more handy to remember domain instead of IP address.external port (normally visible from internet) is pointing to Pi’s internal port 1194 (pure VPN connection) - when I connect to my VPN I can access all other services that I have (but I don’t want to be visible from internet - torrent client web UI, router configurations, NAS configuration, another machines in my home network, ) - even with this solution I can use Yatse to stream media from to my phone while I’m traveling - there is OpenVPN client for Android.external port (normally visible from internet) is pointing to my Pi’s internal port 22 (ssh - just in case if something goes wrong with my VPN and I need console access to my Pi - here I have installed fail2ban again just in case).external port (normally visible from internet) is pointing to my Pi’s internal port 80 (I’m using ownCloud on my Pi).And about the VPN - well if you’re using it all of your traffic will be encrypted and only you will have direct access to your services. With this step you are “masking” your services - in my opinion this is another layer of security. Hi suggest you to forward external port 2200 to the internal ssh port only because there are some bots that are scanning for open “default” ports (for ftp, ssh etc.) and they start trying to login with some default credentials.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |