{"id":6895,"date":"2020-03-11T23:16:30","date_gmt":"2020-03-11T22:16:30","guid":{"rendered":"https:\/\/michlstechblog.info\/blog\/?p=6895"},"modified":"2020-03-12T15:21:34","modified_gmt":"2020-03-12T14:21:34","slug":"openvpn-p2p-connect-on-linux","status":"publish","type":"post","link":"https:\/\/michlstechblog.info\/blog\/openvpn-p2p-connect-on-linux\/","title":{"rendered":"OpenVPN: P2P connect on linux"},"content":{"rendered":"<p>Hi,<\/p>\n<p>this post describes how to set up an ad hoc OpenVPN connection between two Linux hosts.<\/p>\n<p>First, install OpenVPN on both systems:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@debdev ~ # apt-get install openvpn\r\n<\/pre>\n<p>On one of them, create a secret file. It is used to encrypt and decrypt the traffic between the hosts.<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@debdev ~ # openvpn --genkey --secret ~\/temp-p2p-network.key --keysize 2048\r\n<\/pre>\n<p>Copy the key temp-p2p-network.key to root&#8217;s home directory on both systems. One system acts as the server, the other as the client.<\/p>\n<p>On the server, create a config file \/root\/p2p.ovpn:<br \/>\n<code><br \/>\ndev tun<br \/>\nport 51999<br \/>\nifconfig 172.31.200.1 172.31.200.2<br \/>\nsecret temp-p2p-network.key<br \/>\n# Compress traffic<br \/>\ncomp-lzo<br \/>\n# These settings ensure that OpenVPN reconnects when the peer changes its IP address<br \/>\nkeepalive 10 60<br \/>\ncipher AES-256-CBC<br \/>\nping-timer-rem<br \/>\nauth-nocache<br \/>\npersist-tun<br \/>\npersist-key<br \/>\n<\/code><br \/>\nand start the OpenVPN server:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@debdev ~ # openvpn --config \/root\/p2p.ovpn\r\n<\/pre>\n<p>Or start the server with all necessary parameters from the command line:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@debdev ~ # openvpn --proto udp --port 51999 --dev tun --topology p2p --ifconfig 172.31.200.1 172.31.200.2 --secret temp-p2p-network.key --comp-lzo --keepalive 10 60 --cipher 
AES-256-CBC --ping-timer-rem\r\n<\/pre>\n<p>Do the same on the &#8220;client&#8221;: start OpenVPN with all parameters from the command line. You have to adjust the server&#8217;s IP address in the <code>--remote<\/code> option.<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@debdev ~ # openvpn --remote 123.123.123.123 51999 udp --dev tun --topology p2p --ifconfig 172.31.200.2 172.31.200.1 --secret temp-p2p-network.key --comp-lzo --keepalive 10 60 --cipher AES-256-CBC --ping-timer-rem\r\n<\/pre>\n<p>Or with a config file:<br \/>\n<code><br \/>\nremote 123.123.123.123<br \/>\nport 51999<br \/>\ndev tun<br \/>\nifconfig 172.31.200.2 172.31.200.1<br \/>\nsecret temp-p2p-network.key<br \/>\n# Compress traffic<br \/>\ncomp-lzo<br \/>\n# These settings ensure that OpenVPN reconnects when the peer changes its IP address<br \/>\nkeepalive 10 60<br \/>\ncipher AES-256-CBC<br \/>\nauth-nocache<br \/>\nping-timer-rem<br \/>\n<\/code><\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nroot@debdev ~ # openvpn --config \/root\/p2p.ovpn\r\nThu Mar 11 21:08:50 2020 Peer Connection Initiated with &#x5B;AF_INET]123.123.123.123:51999\r\nThu Mar 11 21:08:50 2020 Initialization Sequence Completed\r\n<\/pre>\n<p>Check the connection:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">\r\nmichael@debdev ~ # ping 172.31.200.1\r\n64 bytes from 172.31.200.1: icmp_seq=2953 ttl=64 time=58.2 ms\r\n<\/pre>\n<p>Michael<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hi, this post describes how to set up an ad hoc OpenVPN connection between two Linux 
hosts.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,6],"tags":[1421,573,224,1422,1424,1423],"class_list":["post-6895","post","type-post","status-publish","format-standard","hentry","category-linux","category-openvpn","tag-adhoc","tag-connection","tag-linux-2","tag-openvon","tag-p2p","tag-static-key"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/6895","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/comments?post=6895"}],"version-history":[{"count":13,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/6895\/revisions"}],"predecessor-version":[{"id":6908,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/posts\/6895\/revisions\/6908"}],"wp:attachment":[{"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/media?parent=6895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/categories?post=6895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michlstechblog.info\/blog\/wp-json\/wp\/v2\/tags?post=6895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}