OpenVPN For VZ VPS Bash Script. "CentOS"

[dotvps]

1. yum update
2. yum -y install nano
3. Nano openvpn.sh
4. Copy and paste the content below into it.

#!/bin/bash
#

echo "############################################# ###"
echo "Should work on various rpm-based Linux distos."
echo "Tested on CentOS ditros version 5 to 5.5"
echo
echo "Make sure to message your provider and have them enable"
echo "TUN, PPP, IPtables, and NAT modules prior to setting up OpenVPN."
echo
echo "You need to set up the server before creating more client keys."
echo "A separate client keyset is required per connection or machine."
echo "When creating certificated you can put \".\" to skip a field for all fields"
echo "except for \"Common Name\" and password fields."
echo "############################################# ###"
echo
echo
echo "############################################# ###"
echo "Select on option:"
echo "1) Set up new OpenVPN server AND create one client"
echo "2) Create additional clients"
echo "############################################# ###"
read x
if test $x -eq 1; then
echo "Specify server port number that you want the server to use (eg. 54):"
read p
echo "Enter client username that you want to create (eg. client1):"
read c

# get the venet0:0 IP
ip=`grep IPADDR /etc/sysconfig/network-scripts/ifcfg-venet0:0 | awk -F= '{print $2}'`

echo
echo
echo "############################################# ###"
echo "Downloading OpenVPN 2.0.9 and LZO compression library"
echo "############################################# ###"
mkdir /etc/ovpn_install
cd /etc/ovpn_install
wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm

echo
echo
echo "############################################# ###"
echo "Downloading and Installing Dependencies"
echo "############################################# ###"
yum -y install rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel make gcc

echo
echo
echo "############################################# ###"
echo "Building From Source"
echo "############################################# ###"
rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
rpmbuild -tb openvpn-2.0.9.tar.gz
rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm

echo
echo
echo "############################################# ###"
echo "Creating Server Config"
echo "\"Common Name\" must be filled."
echo "Please insert : server"
echo "############################################# ###"
cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/

# creating server.conf file
echo "local $ip" > /etc/openvpn/server.conf
echo "port $p" >> /etc/openvpn/server.conf
echo "proto udp" >> /etc/openvpn/server.conf
echo "dev tun" >> /etc/openvpn/server.conf
echo "ca /etc/openvpn/keys/ca.crt" >> /etc/openvpn/server.conf
echo "cert /etc/openvpn/keys/server.crt" >> /etc/openvpn/server.conf
echo "key /etc/openvpn/keys/server.key" >> /etc/openvpn/server.conf
echo "dh /etc/openvpn/keys/dh1024.pem" >> /etc/openvpn/server.conf
echo "server 10.9.0.0 255.255.255.0" >> /etc/openvpn/server.conf
echo "ifconfig-pool-persist ipp.txt" >> /etc/openvpn/server.conf
echo "push \"redirect-gateway def1\" " >> /etc/openvpn/server.conf
echo "push \"dhcp-option DNS 8.8.8.8\" " >> /etc/openvpn/server.conf
echo "push \"dhcp-option DNS 8.8.4.4\" " >> /etc/openvpn/server.conf
echo "keepalive 5 30" >> /etc/openvpn/server.conf
echo "comp-lzo" >> /etc/openvpn/server.conf
echo "persist-key" >> /etc/openvpn/server.conf
echo "persist-tun" >> /etc/openvpn/server.conf
echo "status server-tcp.log" >> /etc/openvpn/server.conf
echo "verb 3" >> /etc/openvpn/server.conf

cd /etc/openvpn/easy-rsa/2.0/
source ./vars
./vars
./clean-all

echo
echo
echo "############################################# ###"
echo "Building Certifcate Authority"
echo "\"Common Name\" must be filled."
echo "############################################# ###"
./build-ca

echo
echo
echo "############################################# ###"
echo "Building Server Certificate"
echo "\"Common Name\" must be filled."
echo "Please insert : server"
echo "############################################# ###"
./build-key-server server
./build-dh

cp /etc/openvpn/easy-rsa/2.0/keys /etc/openvpn/keys -R

echo
echo
echo "############################################# ###"
echo "Starting Server"
echo "############################################# ###"
service openvpn start

echo
echo
echo "############################################# ###"
echo "Forwarding IPv4 and Enabling It On-boot"
echo "############################################# ###"
echo 1 > /proc/sys/net/ipv4/ip_forward
# saves ipv4 forwarding and and enables it on-boot
sed -e 's/\(net.ipv4.ip_forward =\) 0/\1 1/g' /etc/sysctl.conf > /etc/tempsysclt
cat /etc/tempsysclt > /etc/sysctl.conf
rm -f /etc/tempsysclt

echo
echo
echo "############################################# ###"
echo "Updating IPtables Routing and Enabling It On-boot"
echo "############################################# ###"
tunip=`/sbin/ifconfig tun0 | grep 'inet addr:' | cut -d: -f2| cut -d' ' -f1`
iptables -t nat -A POSTROUTING -s $tunip/24 -j SNAT --to $ip
# saves iptables routing rules and enables them on-boot
/sbin/service iptables save
chkconfig iptables on

echo
echo
echo "############################################# ###"
echo "Building certificate for client $c"
echo "\"Common Name\" must be filled."
echo "Please insert like same cert : $c"
echo "############################################# ###"
./build-key $c

echo "client " > /etc/openvpn/keys/$c.ovpn
echo "dev tun " >> /etc/openvpn/keys/$c.ovpn
echo "proto udp " >> /etc/openvpn/keys/$c.ovpn
echo "remote $ip $p " >> /etc/openvpn/keys/$c.ovpn
echo "resolv-retry infinite " >> /etc/openvpn/keys/$c.ovpn
echo "nobind " >> /etc/openvpn/keys/$c.ovpn
echo "persist-key " >> /etc/openvpn/keys/$c.ovpn
echo "persist-tun " >> /etc/openvpn/keys/$c.ovpn
echo "ca ca.crt " >> /etc/openvpn/keys/$c.ovpn
echo "cert $c.crt " >> /etc/openvpn/keys/$c.ovpn
echo "key $c.key " >> /etc/openvpn/keys/$c.ovpn
echo "comp-lzo " >> /etc/openvpn/keys/$c.ovpn
echo "verb 3 " >> /etc/openvpn/keys/$c.ovpn

cp /etc/openvpn/easy-rsa/2.0/keys/$c.crt /etc/openvpn/keys
cp /etc/openvpn/easy-rsa/2.0/keys/$c.key /etc/openvpn/keys

cd /etc/openvpn/keys/
tar czf clientkeys.tgz ca.crt $c.crt $c.key $c.ovpn

echo
echo
echo "############################################# ###"
echo "OpenVPN server successfully installed."
echo "One client keyset for $c generated."
echo "To connect:"
echo "1) Download /etc/openvpn/keys/clientkeys.tgz using SCP client such as WinSCP."
echo "2) Create a folder named VPN in C:\Program Files\OpenVPN\config directory"
echo "3) Extract the contents of clientkeys.tgz to the VPN folder."
echo "4) Start openvpn-gui, right click the tray icon and click Connect."
echo
echo "To generate additonal client keysets, run the script again with option #2."
echo "############################################# ###"


# runs this if option 2 is selected
elif test $x -eq 2; then
echo "Enter client username that you want to create (eg. client2):"
read c

ip=`grep IPADDR /etc/sysconfig/network-scripts/ifcfg-venet0:0 | awk -F= '{print $2}'`
p=`grep -n 'port' /etc/openvpn/server.conf | cut -d' ' -f2`

echo
echo
echo "############################################# ###"
echo "Building certificate for client $c"
echo "\"Common Name\" must be filled."
echo "Please insert like same cert : $c"
echo "############################################# ###"
cd /etc/openvpn/easy-rsa/2.0
source ./vars
./vars
./build-key $c

echo "client " > /etc/openvpn/keys/$c.ovpn
echo "dev tun " >> /etc/openvpn/keys/$c.ovpn
echo "proto udp " >> /etc/openvpn/keys/$c.ovpn
echo "remote $ip $p " >> /etc/openvpn/keys/$c.ovpn
echo "resolv-retry infinite " >> /etc/openvpn/keys/$c.ovpn
echo "nobind " >> /etc/openvpn/keys/$c.ovpn
echo "persist-key " >> /etc/openvpn/keys/$c.ovpn
echo "persist-tun " >> /etc/openvpn/keys/$c.ovpn
echo "ca ca.crt " >> /etc/openvpn/keys/$c.ovpn
echo "cert $c.crt " >> /etc/openvpn/keys/$c.ovpn
echo "key $c.key " >> /etc/openvpn/keys/$c.ovpn
echo "comp-lzo " >> /etc/openvpn/keys/$c.ovpn
echo "verb 3 " >> /etc/openvpn/keys/$c.ovpn

cp /etc/openvpn/easy-rsa/2.0/keys/$c.crt /etc/openvpn/keys
cp /etc/openvpn/easy-rsa/2.0/keys/$c.key /etc/openvpn/keys

cd /etc/openvpn/keys/
tar czf clientkeys.tgz ca.crt $c.crt $c.key $c.ovpn

echo
echo
echo "############################################# ###"
echo "One client keyset for $c generated."
echo "To connect:"
echo "1) Download /etc/openvpn/keys/clientkeys.tgz using SCP client such as WinSCP."
echo "2) Create a folder named VPN in C:\Program Files\OpenVPN\config directory "
echo "3) Extract the contents of clientkeys.tgz to the VPN folder."
echo "4) Start openvpn-gui, right click the tray icon and click Connect."
echo "############################################# ###"

else
echo "Invalid selection, quitting."
exit
fi

5. ctrl + o then ctrl + x
--
6. sh openvpn.sh

7. Fill out the information it asks.

8. cd /etc/openvpn/keys/

9. yum install zip

10. zip -r a.zip *

11. mv a.zip /var/www/html

12. go to http://IP/a.zip in your browser

13. unzip content to some where safe.

14. Download openvpn client (Google Search) or PM me for a mirror i keep.

15. Install it then open it and click the + on it.

16. Select local file then find the folder of content downloaded select the .ovpn file.

dotvps Reviewed by dotvps on 16th Feb 2012. OpenVPN For VZ VPS Bash Script. "CentOS" 1. yum update 2. yum -y install nano 3. Nano openvpn.sh 4. Copy and paste the content below into it. 5. ctrl + o then ctrl + x -- 6. sh openvpn.sh Rating: 5

[onel0ve]

you tried this before ?
dnt know why its not working for me
facing this error

+ exit 0
Executing(--clean): /bin/sh -e /var/tmp/rpm-tmp.80730
+ umask 022
+ cd /usr/src/redhat/BUILD
+ rm -rf lzo-1.08
+ exit 0
error: File not found by glob: /usr/src/redhat/RPMS/i386/lzo-*.rpm
error: Failed build dependencies:
lzo-devel >= 1.07 is needed by openvpn-2.0.9-1.x86_64
error: open of /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm failed: No such file or directory


############################################# ###
Creating Server Config
"Common Name" must be filled.
Please insert : server
############################################# ###
cp: cannot stat `/usr/share/doc/openvpn-2.0.9/easy-rsa/': No such file or directory
openvpn1.sh: line 70: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 71: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 72: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 73: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 74: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 75: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 76: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 77: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 78: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 79: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 80: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 81: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 82: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 83: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 84: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 85: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 86: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 87: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 88: /etc/openvpn/server.conf: No such file or directory
openvpn1.sh: line 90: cd: /etc/openvpn/easy-rsa/2.0/: No such file or directory
openvpn1.sh: line 91: ./vars: No such file or directory

[dotvps]

I had this error when testing but a reinstall fixed it.

[vikassaini01]

you tried this before ?
dnt know why its not working for me
facing this error

I think the guide is for 32 Bit OS (all packages used in the guide are i386) whereas you are using 64 Bit OS (your errors shows x64)

[ken]

do you have a TUT of UBUNTU on how to INSTALL also in VPN.