mirror of https://github.com/dswd/vpncloud.git
Moved tutorial to Github wiki
This commit is contained in:
Dennis Schwerdel
parent
4162f7a9ff
commit
47e409ef2f
|
|
@ -1,75 +0,0 @@
|
|||
# Point-to-Point Tutorial
|
||||
|
||||
## Goals
|
||||
* Connect several single nodes via a VPN
|
||||
* Nodes should be able to reach each others even through NATs
|
||||
* Traffic should be secured with a password
|
||||
* Nodes should be accessible by IP addresses and names like `NODE.myvpn`
|
||||
|
||||
|
||||
## Preparations
|
||||
To be able to set up the VPN, at least one node needs to be reachable by an
|
||||
unchanging address of hostname. This is normally not the case with common
|
||||
DSL uplinks (they change addresses every day).
|
||||
To mitigate this problem and get a fixed hostname, there are services called
|
||||
dynamic DNS or short DDNS. There are lots of [different DDNS services][1], some
|
||||
are free, some cost money.
|
||||
Most of those services provide a common API that can be used by freely available
|
||||
tools to update the address whenever it changes. Mainstream DSL routers have
|
||||
built-in clients for this API so nothing has to be installed to set up DDNS.
|
||||
|
||||
Besides this unchanging address, a port has to be opened for VpnCloud. This has
|
||||
to be done in the settings of the DSL router. The default port for VpnCloud
|
||||
is 3210. This process is different for every router but it usually can be found
|
||||
under the name of "Port forwarding" or "Exposed ports" (not "exposed host").
|
||||
|
||||
[1]: http://dnslookup.me/dynamic-dns/
|
||||
|
||||
|
||||
## Setup
|
||||
The actual VpnCloud setup is pretty simple.
|
||||
|
||||
A new network config in `/etc/vpncloud` has to be created on each node.
|
||||
There is an example file to start with in `/etc/vpncloud/example.net`.
|
||||
|
||||
$> sudo cp /etc/vpncloud/example.net /etc/vpncloud/mynet.net
|
||||
|
||||
Now that file has to edited to change a few values:
|
||||
|
||||
$> sudo nano /etc/vpncloud/mynet.net
|
||||
|
||||
The following values have to be modified:
|
||||
|
||||
- **PEERS**: This is a list of all peers that this node should connect to.
|
||||
Only unchanging addresses can be used here. Several addresses can be appended
|
||||
and separated by spaces like `"node1.dyndns.org:3210 node2.dyndns.org:3210"`.
|
||||
All nodes that have an unchanging address should be listed here.
|
||||
|
||||
- **SHARED_KEY**: This is a shared password for all nodes that secures the
|
||||
communication. It must be the same on all nodes and of course it should be a
|
||||
strong password.
|
||||
|
||||
- **IFUP**: `ifconfig $IFNAME 10.0.0.X/24 mtu 1400` where `X` is different for
|
||||
every node. It is good idea to use incrementing numbers here and to track the
|
||||
assigned numbers and nodes in a list.
|
||||
|
||||
- **ENABLED**: This needs to be set to `1` when everything is finished so the
|
||||
network is started automatically.
|
||||
|
||||
After the config file has been set up correctly, VpnCloud needs to be restarted:
|
||||
|
||||
$> sudo /etc/init.d/vpncloud restart
|
||||
|
||||
Finally, on each host the names of the nodes should by associated with their
|
||||
address. This can be done by editing `/etc/hosts`:
|
||||
|
||||
$> sudo nano /etc/hosts
|
||||
|
||||
For each node a line with `NAME.myvpn 10.0.0.X` needs to be added.
|
||||
|
||||
|
||||
## Testing the network
|
||||
When everything has been setup properly, the connection can be checked using the
|
||||
`ping` command:
|
||||
|
||||
$> ping NAME.myvpn
|
||||
Loading…
Reference in New Issue