Carding 4 Carders
Professional
Welcome all! Today we will make our own DoubleVPN.
To do this, we will need 2 servers \ vps (if openVZ must have tun\tap adapters enabled). One of the servers must have 2 ip addresses. We use Debian as the operating system.
Start
Go to the server with two ip addresses.
Go to the catalog:
cd /usr/share/doc/openvpn/examples/sample-config-files
Unpacking the archive:
Copying files
You can start generating certificates:
Fill in all fields
Common Name enter server
./build-key-server server
Common Name enter server
Challenge password We remember it we entered 12345
Certificates for the server are ready, go to the client certificates
First of all, we will be asked for the password for the client certificate (we specified 9999)
Enter client1 in the Common Name. After entering the e-mail address, you will be asked for Challenge password, remember which one you entered, and specify it (in our case, 12345)
To generate the second and subsequent certificates, do not forget to change the Common Name.
Go to setting up and starting the server.
Clearing the server configuration file
Install the console text editor
Comments to the config:
local - the address where the demon is running
port - the port on which demon is running
66.96.208.21 address of the dns server through which we will resolve. You can get it here: cat / etc/resolv. conf.
Adding execution rights to two scripts
Looking for the string OPTARGS="" and converting it to OPTARGS= " --script-security 2"
Now enable ip_forward
Adding the nobody group
addgroup nobody
copying the cert files:
Starting the daemon:
The VPN server is ready in principle, you can already work through it, but our goal was DoubleVPN, so we continue to configure it.
Go to the server where you have 1 ip.
In order not to explain again how certificates are generated, I generated a bundle of certificates and uploaded them for General use: http://www.sendspace.com/file/9eu4s7
Download these files, connect to the server via winSCP, go to the /etc/openvpn folder And copy all the contents of the archive there(Along with the ip_1 folder)
In the terminal:
In the local line, change the ip address to the address of the server where you are currently located. And delete the status and log lines. This will disable logging of our server.
Now we need to fix the up and down scripts
We see the ip address 184.82.183.28 and change it to the address of your server.
We see the ip address 184.82.183.28 and change it to the address of your server.
Adding execution rights to the up and down files
Further.
Looking for the string OPTARGS="" and converting it to OPTARGS= " --script-security 2"
Now enable ip_forward
Launch openvpn.
We return to the server with two IP addresses. Скачиваем http://www.sendspace.com/file/vjuiqb
We connect via winSCP to the /etc/openvpn folder and upload the folder from the ip archive_
Then copy the config file
remote We specify the ip address of the server with 1 ip
local specify the second ip address of your server
Deleting the status and log lines
Adding execution rights to files
And edit the config
Client side
So we come to the final part of the settings, namely the client side settings. Download from the server with two ip_addresses from the folder /etc/openvpn / 2.0/keys
Files:
ca.crt
client1.crt
client1.key
I hope that you already have openvpn installed. Let's go to daddy's
C:\Program Files\OpenVPN\config And create a test folder there. We put the downloaded files in it. Now download the sample config:
http://www.sendspace.com/file/g89eg2
We put the downloaded file in the test folder
Now edit it.
We change it to the ip of the server with only one ip address.
We fix it if client certificates have different names.
Everything is ready, it remains to download the utility that will make sure that the connection is not broken, the utility of any vpn service is suitable.
Now it remains to connect to our VPN and enjoy life, traffic goes according to the scheme : server with 1ip<-->server with 2ip<--><-->network.
To do this, we will need 2 servers \ vps (if openVZ must have tun\tap adapters enabled). One of the servers must have 2 ip addresses. We use Debian as the operating system.
Start
Go to the server with two ip addresses.
Code:
apt-get update
apt-get install openvpn
Go to the catalog:
cd /usr/share/doc/openvpn/examples/sample-config-files
Unpacking the archive:
Code:
gzip -d server.conf.gz
Copying files
Code:
cp -R /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn
cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn
You can start generating certificates:
Code:
cd /etc/openvpn/2.0
./clean-all
source ./vars
./clean-all
./build-ca
Fill in all fields
Common Name enter server
./build-key-server server
Common Name enter server
Challenge password We remember it we entered 12345
Code:
./build-dh
Certificates for the server are ready, go to the client certificates
Code:
./build-key-pass client1
First of all, we will be asked for the password for the client certificate (we specified 9999)
Enter client1 in the Common Name. After entering the e-mail address, you will be asked for Challenge password, remember which one you entered, and specify it (in our case, 12345)
Code:
./build-key-pass client2
To generate the second and subsequent certificates, do not forget to change the Common Name.
Go to setting up and starting the server.
Code:
cd /etc/openvpn
Clearing the server configuration file
Code:
echo " " > server.conf
Install the console text editor
Code:
apt-get install nano
nano server.conf
local 46.37.169.30
port 1800
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
push "redirect-gateway def1"
push "dhcp-option DNS 66.96.208.21"
user nobody
group nobody
server 10.8.0.0 255.255.255.0
keepalive 10 120
persist-key
persist-tun
comp-lzo
max-clients 10
up up
down down
Comments to the config:
local - the address where the demon is running
port - the port on which demon is running
Code:
push "dhcp-option DNS 66.96.208.21"
66.96.208.21 address of the dns server through which we will resolve. You can get it here: cat / etc/resolv. conf.
Adding execution rights to two scripts
Code:
chmod +x up down
nano /etc/default/openvpn
Looking for the string OPTARGS="" and converting it to OPTARGS= " --script-security 2"
Now enable ip_forward
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Adding the nobody group
addgroup nobody
copying the cert files:
Code:
cp -R /etc/openvpn/2.0/keys/ca.crt /etc/openvpn/
cp -R /etc/openvpn/2.0/keys/server.crt /etc/openvpn/
cp -R /etc/openvpn/2.0/keys/server.key /etc/openvpn/
cp -R /etc/openvpn/2.0/keys/dh1024.pem /etc/openvpn/
Starting the daemon:
Code:
/etc/init.d/openvpn start
The VPN server is ready in principle, you can already work through it, but our goal was DoubleVPN, so we continue to configure it.
Go to the server where you have 1 ip.
Code:
apt-get update
apt-get install openvpn
In order not to explain again how certificates are generated, I generated a bundle of certificates and uploaded them for General use: http://www.sendspace.com/file/9eu4s7
Download these files, connect to the server via winSCP, go to the /etc/openvpn folder And copy all the contents of the archive there(Along with the ip_1 folder)
In the terminal:
Code:
cp /etc/openvpn/ip_1/server.conf /etc/openvpn/
nano /etc/openvpn/server.conf
In the local line, change the ip address to the address of the server where you are currently located. And delete the status and log lines. This will disable logging of our server.
Now we need to fix the up and down scripts
Code:
nano /etc/openvpn/ip_1/up
We see the ip address 184.82.183.28 and change it to the address of your server.
Code:
nano /etc/openvpn/ip_1/down
We see the ip address 184.82.183.28 and change it to the address of your server.
Adding execution rights to the up and down files
Code:
chmod +x /etc/openvpn/ip_1/down
chmod +x /etc/openvpn/ip_1/up
Further.
Code:
nano /etc/default/openvpn
Looking for the string OPTARGS="" and converting it to OPTARGS= " --script-security 2"
Now enable ip_forward
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Launch openvpn.
Code:
/etc/init.d/openvpn start
We return to the server with two IP addresses. Скачиваем http://www.sendspace.com/file/vjuiqb
We connect via winSCP to the /etc/openvpn folder and upload the folder from the ip archive_
Then copy the config file
Code:
cp /etc/openvpn/ip_1/client.conf /etc/openvpn/
nano /etc/openvpn/client.conf
remote We specify the ip address of the server with 1 ip
local specify the second ip address of your server
Deleting the status and log lines
Adding execution rights to files
Code:
chmod +x /etc/openvpn/ip_1/down
chmod +x /etc/openvpn/ip_1/up
And edit the config
Code:
nano /etc/openvpn/server.conf
enter 192.168.1.2 in local
/etc/init.d/openvpn restart
Client side
So we come to the final part of the settings, namely the client side settings. Download from the server with two ip_addresses from the folder /etc/openvpn / 2.0/keys
Files:
ca.crt
client1.crt
client1.key
I hope that you already have openvpn installed. Let's go to daddy's
C:\Program Files\OpenVPN\config And create a test folder there. We put the downloaded files in it. Now download the sample config:
http://www.sendspace.com/file/g89eg2
We put the downloaded file in the test folder
Now edit it.
Code:
remote 217.12.220.71 1800
217.12.220.71
We change it to the ip of the server with only one ip address.
Code:
ca ca.crt
cert client1.crt
key client1.key
We fix it if client certificates have different names.
Everything is ready, it remains to download the utility that will make sure that the connection is not broken, the utility of any vpn service is suitable.
Now it remains to connect to our VPN and enjoy life, traffic goes according to the scheme : server with 1ip<-->server with 2ip<--><-->network.