DoubleVPN in 10 minutes with minimal Debian knowledge

Carding 4 Carders

Welcome all! Today we will make our own DoubleVPN.

To do this, we will need 2 servers / VPS (on OpenVZ, the tun/tap adapters must be enabled). One of the servers must have 2 IP addresses. We use Debian as the operating system.

Start
Go to the server with two ip addresses.

Code:
apt-get update
apt-get install openvpn

Go to the directory:

Code:
cd /usr/share/doc/openvpn/examples/sample-config-files

Unpacking the archive:

Code:
gzip -d server.conf.gz

Copying files

Code:
cp -R /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn
cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn

You can start generating certificates:

Code:
cd /etc/openvpn/2.0
source ./vars
./clean-all
./build-ca

Fill in all fields.

For Common Name, enter server.

Code:
./build-key-server server

For Common Name, enter server.

Challenge password: remember it (we entered 12345).

Code:
./build-dh

The certificates for the server are ready; move on to the client certificates.

Code:
./build-key-pass client1

First of all, we will be asked for the password for the client certificate (we specified 9999).

Enter client1 as the Common Name. After entering the e-mail address, you will be asked for the Challenge password; remember which one you entered and specify it (in our case, 12345).

Code:
./build-key-pass client2

To generate the second and subsequent certificates, do not forget to change the Common Name.

Go to setting up and starting the server.
Code:
cd /etc/openvpn

Clearing the server configuration file

Code:
echo " " > server.conf

Install the console text editor

Code:
apt-get install nano
nano server.conf

local 46.37.169.30
port 1800
proto tcp
dev tun

ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem

push "redirect-gateway def1"
push "dhcp-option DNS 66.96.208.21"
user nobody
group nobody

server 10.8.0.0 255.255.255.0
keepalive 10 120
persist-key
persist-tun
comp-lzo
max-clients 10
up up
down down

Comments to the config:

local - the address on which the daemon listens

port - the port on which the daemon listens

Code:
push "dhcp-option DNS 66.96.208.21"

66.96.208.21 is the address of the DNS server through which we will resolve. You can get it here: cat /etc/resolv.conf

Adding execution rights to two scripts

Code:
chmod +x up down

nano /etc/default/openvpn

Look for the string OPTARGS="" and change it to OPTARGS="--script-security 2"

Now enable ip_forward

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward

Adding the nobody group

Code:
addgroup nobody

Copying the cert files:

Code:
cp -R /etc/openvpn/2.0/keys/ca.crt /etc/openvpn/
cp -R /etc/openvpn/2.0/keys/server.crt /etc/openvpn/
cp -R /etc/openvpn/2.0/keys/server.key /etc/openvpn/
cp -R /etc/openvpn/2.0/keys/dh1024.pem /etc/openvpn/

Starting the daemon:

Code:
/etc/init.d/openvpn start

The VPN server is ready in principle and you can already work through it, but our goal was DoubleVPN, so we continue to configure it.

Go to the server where you have 1 ip.

Code:
apt-get update

apt-get install openvpn

In order not to explain again how certificates are generated, I generated a bundle of certificates and uploaded them for general use: http://www.sendspace.com/file/9eu4s7

Download these files, connect to the server via WinSCP, go to the /etc/openvpn folder and copy all the contents of the archive there (along with the ip_1 folder).

In the terminal:

Code:
cp /etc/openvpn/ip_1/server.conf /etc/openvpn/

nano /etc/openvpn/server.conf

In the local line, change the IP address to the address of the server where you are currently located, and delete the status and log lines. This will disable logging of our server.

Now we need to fix the up and down scripts

Code:
nano /etc/openvpn/ip_1/up

We see the ip address 184.82.183.28 and change it to the address of your server.

Code:
nano /etc/openvpn/ip_1/down

We see the ip address 184.82.183.28 and change it to the address of your server.

Adding execution rights to the up and down files

Code:
chmod +x /etc/openvpn/ip_1/down
chmod +x /etc/openvpn/ip_1/up

Next.

Code:
nano /etc/default/openvpn

Look for the string OPTARGS="" and change it to OPTARGS="--script-security 2"

Now enable ip_forward

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward

Launch openvpn.

Code:
/etc/init.d/openvpn start

We return to the server with two IP addresses. Download http://www.sendspace.com/file/vjuiqb

We connect via winSCP to the /etc/openvpn folder and upload the folder from the ip archive_

Then copy the config file

Code:
cp /etc/openvpn/ip_1/client.conf /etc/openvpn/
nano /etc/openvpn/client.conf

remote - specify the IP address of the server with 1 IP

local - specify the second IP address of your server

Delete the status and log lines

Adding execution rights to files

Code:
chmod +x /etc/openvpn/ip_1/down
chmod +x /etc/openvpn/ip_1/up

And edit the config

Code:
nano /etc/openvpn/server.conf

Enter 192.168.1.2 in local

Code:
/etc/init.d/openvpn restart

Client side
So we come to the final part of the settings, namely the client side settings. Download from the server with two IP addresses, from the folder /etc/openvpn/2.0/keys

Files:
ca.crt
client1.crt
client1.key


I hope that you already have openvpn installed. Go to the folder

C:\Program Files\OpenVPN\config and create a test folder there. We put the downloaded files in it. Now download the sample config:

http://www.sendspace.com/file/g89eg2

We put the downloaded file in the test folder

Now edit it.

Code:
remote 217.12.220.71 1800

Change 217.12.220.71 to the IP of the server with only one IP address.

Code:
ca ca.crt
cert client1.crt
key client1.key

Adjust these if your client certificates have different names.

Everything is ready. It remains to download a utility that makes sure the connection is not broken; the utility of any VPN service is suitable.

Now it remains to connect to our VPN and enjoy life. Traffic goes according to the scheme: server with 1 IP <--> server with 2 IPs <--> network.
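
Added example, not part of the original post: a static check that reads an OpenVPN server config like the server.conf above and reports the settings a reviewer would flag (1024-bit DH parameters, comp-lzo, no tls-auth/tls-crypt, no explicit cipher). The finding labels, the dh2048.pem and ta.key file names and both sample configs are constructed for illustration, and the DH check is a file-name heuristic.

```bash
# Added example: audit an OpenVPN server config for weak settings.
# Finding labels (WEAK_DH, ...) are invented for this example.
audit_openvpn_conf() {
    # Reads the file given as $1, or stdin; prints one finding per line.
    awk '
        /^[ \t]*[#;]/ || NF == 0 { next }
        { seen[$1] = 1 }
        # Heuristic: easy-rsa 2.0 names the file dh<KEY_SIZE>.pem.
        $1 == "dh" && $2 ~ /dh(512|768|1024)\.pem$/ { print "WEAK_DH " $2 }
        # Compression before encryption leaks plaintext via length (VORACLE).
        $1 == "comp-lzo" && $2 != "no" { print "COMPRESSION " $1 }
        END {
            # No HMAC key on the control channel: any host can start a handshake.
            if (!("tls-auth" in seen) && !("tls-crypt" in seen)) print "NO_TLS_AUTH"
            # OpenVPN 2.3 and older default to BF-CBC when no cipher is set.
            if (!("cipher" in seen) && !("data-ciphers" in seen)) print "NO_EXPLICIT_CIPHER"
        }
    ' "$@"
}

# Constructed sample: the relevant directives of the server.conf in the post.
weak_sample() {
cat <<'EOF'
port 1800
proto tcp
dev tun
dh /etc/openvpn/dh1024.pem
server 10.8.0.0 255.255.255.0
comp-lzo
EOF
}

# Constructed sample: the same server with the flagged settings corrected.
fixed_sample() {
cat <<'EOF'
port 1800
proto tcp
dev tun
dh /etc/openvpn/dh2048.pem
tls-auth /etc/openvpn/ta.key 0
cipher AES-256-CBC
server 10.8.0.0 255.255.255.0
EOF
}

echo "weak:";  weak_sample  | audit_openvpn_conf
echo "fixed:"; fixed_sample | audit_openvpn_conf
```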