OpenVPN on 4.0.2CD

From Knoppix Documentation Wiki
Revision as of 05:35, 15 July 2008 by Eadz (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The goal is to create a simple VPN between two machines on a network. The VPN software will be OpenVPN under Knoppix 4.0.2CD using a persistent disk image (PDI).


Create and boot with a persistent disk image. 500 MB should be plenty big.


Following notes from

apt-get update
ls -la /dev/net/tun
apt-get -y install openvpn carpaltunnel
# Answer "yes" when the installer asks about creating the tun device.
# Answer "no" when asked about stopping VPN service (there is none)
ls -la /dev/net/tun


Following example from

lsmod| grep tun
modprobe tun
lsmod| grep tun

Run and test with two machines

This is on two machines connected to a router with a DHCP server that serves up IP addresses in the range.

Setup 1: simple tunnel without security

On first machine

sudo openvpn --remote --dev tun \
  --ifconfig --verb 9 >& vpn.log &

On second machine

sudo openvpn --remote --dev tun \
  --ifconfig --verb 9 >& vpn.log &

Test with a ping from first machine to second:

ping -R -c 4

Test with a ping from second machine to first:

ping -R -c 4

Setup 2: tunnel with static-key security

The first machine ( will act as the server. The second machine ( will act as the client.

Setup environment variables on both client and server:


On the server, generate a key:

openvpn --genkey --secret openvpn.key

Copy key to the client, e.g. using a USB stick or via ssh:

scp openvpn.key knoppix@${public_client}:

On the server, start openvpn:

sudo openvpn --dev tun --ifconfig ${open_vpn_server} ${open_vpn_client} \
  --secret openvpn.key --verb 9 >&vpn.log &

On the client, connect to openvpn daemon on server:

sudo openvpn --dev tun --ifconfig ${open_vpn_client} ${open_vpn_server} \
  --remote ${public_server} \
  --secret openvpn.key --verb 9 >&vpn.log &

On the client, ping the server:

ping -R -c 4 ${open_vpn_server}

On the server, ping the client:

ping -R -c 4 ${open_vpn_client}