tag:blogger.com,1999:blog-61177615509673811662024-02-20T06:50:48.165-08:00Some Random Linux/IT Knowledge DumpsJust a place to share my solutions(whether professional or personal) as well as other tech findings.TBankshttp://www.blogger.com/profile/12972026682827702089noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-6117761550967381166.post-21738662828626951612011-12-14T14:24:00.000-08:002011-12-14T14:25:09.421-08:00Using CLI OpenVPN And VyprVPN/GiganewsThe 'official' Giganews OpenVPN Linux instructions only cover using NetworkManager GUI. However what if you have a linux based gateway router without graphic support? Or for whatever reason, you simply want to connect using the CLI version of OpenVPN.<br />
<br />
Before beginning, I assume the reader is familiar with the basic concepts behind Linux system administration.<br />
Also note that 'screen' is not manadatory. I just like running my OpenVPN session via 'screen'<br />
<br />
<span class="Apple-style-span" style="font-size: large;"><b>Step 1 - Install:</b></span><br />
<br />
To install using apt-get, and using a Debian/Ubuntu based distro, run the below command.<br />
<b><br />
</b><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>apt-get install openvpn</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>apt-get install screen</b></span><br />
<br />
If running a RHEL/Fedora based distro run the below:<br />
<br />
<span class="Apple-style-span" style="font-size: x-small;"><b>yum install openvpn</b></span><br />
<span class="Apple-style-span" style="font-size: x-small;"><b>yum install screen</b></span><br />
<br />
<br />
<b><span class="Apple-style-span" style="font-size: large;">Step 2 - Download the VyprVPN CA cert</span></b><br />
<br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><span class="Apple-style-span" style="line-height: 22px;"><b></b></span></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>sudo wget -O /etc/openvpn/ca.vyprvpn.com.crt \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>http://www.giganews.com/vyprvpn/ca.vyprvpn.com.crt</b></span><br />
<br />
<br />
<br />
<br />
<span class="Apple-style-span" style="font-size: large;"><b>Step 3 - Run the client</b></span><br />
<br />
First run the command:<br />
<br />
<b><span class="Apple-style-span" style="font-family: inherit; font-size: x-small;">screen</span></b><br />
<br />
Once within the screen session run the below:<br />
<br />
<br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>sudo openvpn --client \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>--remote hk1.vpn.giganews.com \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>--dev tun \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>--comp-lzo \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>--auth-user-pass \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>--tls-client \</b></span><br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>--ca /etc/openvpn/ca.vyprvpn.com.crt</b></span><br />
<br />
You may be prompted for your sudo password. Enter that. After you pass sudo authentication, you will then need to supply your VPN credentials. Enter those. Note that this is a basic configuration that works. Tweak as needed. Also note that the '--remote' argument can be any of the supported VyprVPN gateways.<br />
<br />
<b><span class="Apple-style-span" style="font-family: inherit; font-size: large;">Step 4 - Verify your connection</span></b><br />
<br />
From a seperate console, run the below<br />
<br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>ifconfig -a</b></span><br />
<br />
Notice the tun device has been created<br />
<br />
Also run traceroute to some random host...<br />
<br />
<b><span class="Apple-style-span" style="font-size: x-small;">traceroute cnn.com</span></b><br />
<br />
Notice that your route begins at the VPN gateway.. Which in this case would be somewhere in Hong Kong.<br />
<br />
You can also parse through wget or curl output from www.ip2location.com<br />
<br />
<span class="Apple-style-span" style="font-family: inherit; font-size: x-small;"><b>curl -s www.ip2location.com | grep chkCountry\"\> 2>&1<br />
wget -q -O - www.ip2location.com | grep chkCountry\"\> </b></span><br />
<br />
Output may look something like..<br />
<br />
<td><label for="chkCountry">HONG KONG</label></td><br />
<br />
<br />
<b><span class="Apple-style-span" style="font-family: inherit; font-size: large;">Step 5 - End Your Session</span></b><br />
<b><span class="Apple-style-span" style="font-family: inherit; font-size: large;"><br />
</span></b><br />
When complete, simply ctrl-c from within the screen session. Or simply kill the openvpn process.<br />
<br />
To verify your VPN session has been terminated, simply run 'ifconfig -a', and notice the absence of the tun device.<br />
<div><b><span class="Apple-style-span" style="font-family: inherit; font-size: large;"><br />
</span></b></div><br />
<div><br />
</div>TBankshttp://www.blogger.com/profile/12972026682827702089noreply@blogger.com5