For general usage, I recommend you to use Windscribe VPN which give you free 10GB per month.
It's enough to play the online game without lagging.
Windscribe VPN look best in these VPN app competition.
To sign up the free account go here: https://windscribe.com/?friend=o5spym13
Don't forget to claim voucher and enter “50GBFREE” to get free 50GB quota.
Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
Code: Select all
# Enable Extra Packages for Enterprise Linux repository configuration
yum install epel-release
yum install openvpn
yum install easy-rsa
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
Code: Select all
cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn
nano -w /etc/openvpn/server.conf
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
duplicate-cn
tls-auth ta.key 0
compress lz4-v2
push "compress lz4-v2"
max-clients 7
user nobody
group nobody
log-append openvpn.log
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
Code: Select all
mkdir /etc/openvpn/easy-rsa/
cp /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
cd /etc/openvpn/easy-rsa/
nano -w ./vars
export KEY_CONFIG="$EASY_RSA/openssl-1.0.0.cnf"
export KEY_DIR="$EASY_RSA/keys"
export KEY_COUNTRY="US"
export KEY_PROVINCE="NY"
export KEY_CITY="New York"
export KEY_ORG="Company Inc."
export KEY_EMAIL="admin@gmail.com"
export KEY_OU="IT Department"
export KEY_NAME="VPN Server"
export KEY_CN="server"
source ./vars
./clean-all
./build-dh
./build-ca
./build-key-server server
./build-key client01
openvpn --genkey --secret /etc/openvpn/easy-rsa/keys/ta.key
cp /etc/openvpn/easy-rsa/keys/dh2048.pem /etc/openvpn/
cp /etc/openvpn/easy-rsa/keys/ca.crt /etc/openvpn/
cp /etc/openvpn/easy-rsa/keys/server.crt /etc/openvpn/
cp /etc/openvpn/easy-rsa/keys/server.key /etc/openvpn/
cp /etc/openvpn/easy-rsa/keys/ta.key /etc/openvpn/
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
Code: Select all
echo 1 > /proc/sys/net/ipv4/ip_forward
nano -w /etc/sysctl.conf
net.ipv4.ip_forward = 1
sysctl -p
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
https://community.openvpn.net/openvpn/wiki/BridgingAndRouting
https://serverfault.com/questions/472258/difference-between-iptables-a-and-i-option
If you are on the CSF, add those 4 rules to the /etc/csf/csfpost.sh
Don't forget to add full path to the iptables command!!!
CSF (ConfigServer Filewall) is an iptables based firewall, provides easier way to implement iptables rules.
Sometimes we need to add some specific rules that not covered by CSF.
If we add these rules using iptables command directly from shell, they will erased on next CSF restart.
But CSF provides pre and post scripts which executes before or after CSF rules setup.
/etc/csf/csfpre.sh : To run external commands before csf configures iptables
/etc/csf/csfpost.sh : To run external commands after csf configures iptables
https://serverfault.com/questions/472258/difference-between-iptables-a-and-i-option
Code: Select all
# Check the main interface name (eth0 or veth0).
/sbin/ifconfig
# Allow incoming UDP traffic to port 1194. Don't use -A.
/sbin/iptables -I INPUT -i eth0 -p udp -m state --state NEW -m udp --dport 1194 -j ACCEPT
# Allow traffic initiated from VPN to access the world
/sbin/iptables -A FORWARD -s 10.8.0.0/24 -i tun0 -o eth0 -m state --state NEW -j ACCEPT
# Allow established traffic to pass back and forth
/sbin/iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# Masquerade traffic from VPN to the world
/sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
service iptables save
service iptables restart
# List the active FORWARD rules
/sbin/iptables -S FORWARD
Don't forget to add full path to the iptables command!!!
CSF (ConfigServer Filewall) is an iptables based firewall, provides easier way to implement iptables rules.
Sometimes we need to add some specific rules that not covered by CSF.
If we add these rules using iptables command directly from shell, they will erased on next CSF restart.
But CSF provides pre and post scripts which executes before or after CSF rules setup.
/etc/csf/csfpre.sh : To run external commands before csf configures iptables
/etc/csf/csfpost.sh : To run external commands after csf configures iptables
Code: Select all
touch /etc/csf/csfpost.sh
chmod +x /etc/csf/csfpost.sh
nano -w /etc/csf/csfpost.sh
# Restart CSF
csf -r
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
Code: Select all
chkconfig --list openvpn
chkconfig --add openvpn
chkconfig openvpn on
service openvpn restart
tail -200 /var/log/messages
tail -200 /etc/openvpn/openvpn.log
Re: Easy steps to setup OpenVPN 2.4.3 on CentOS 6.9 WHM Cpanel
client01.ovpn
Copy these files to use with your client software:
Code: Select all
client
remote 123.123.123.123 1194
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client01.crt
key client01.key
tls-auth ta.key 1
cipher AES-256-CBC
remote-cert-tls server
verb 3
;mute 20
;comp-lzo
Code: Select all
/etc/openvpn/easy-rsa/keys/ca.crt
/etc/openvpn/easy-rsa/keys/client01.crt
/etc/openvpn/easy-rsa/keys/client01.key
/etc/openvpn/easy-rsa/keys/ta.key