nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/doc/OpenVPN.raw.xml
James Valleroy e195cd721c
doc: Fetch latest manual 
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
2019-05-27 18:09:28 -04:00

7 lines
16 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE article
PUBLIC '-//OASIS//DTD DocBook XML V4.4//EN'
'http://www.docbook.org/xml/4.4/docbookx.dtd'>
<article><articleinfo><title>FreedomBox/Manual/OpenVPN</title><revhistory><revision><revnumber>14</revnumber><date>2019-05-10 23:08:07</date><authorinitials>JamesValleroy</authorinitials><revremark>use standard text for port forwarding</revremark></revision><revision><revnumber>13</revnumber><date>2019-03-01 01:28:15</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Add instructions for connecting using mobile client</revremark></revision><revision><revnumber>12</revnumber><date>2019-03-01 00:48:12</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Add information about browsing Internet</revremark></revision><revision><revnumber>11</revnumber><date>2019-03-01 00:37:30</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Update information about dealing with profile files</revremark></revision><revision><revnumber>10</revnumber><date>2019-02-28 09:38:45</date><authorinitials>JosephNuthalapati</authorinitials><revremark>Update image and set width</revremark></revision><revision><revnumber>9</revnumber><date>2018-11-15 11:47:34</date><authorinitials>JosephNuthalapati</authorinitials><revremark>Add documentation on how to connect to VPN from Debian and check the connection. Update external link</revremark></revision><revision><revnumber>8</revnumber><date>2016-12-31 04:01:13</date><authorinitials>JamesValleroy</authorinitials><revremark>clarify install vs setup</revremark></revision><revision><revnumber>7</revnumber><date>2016-09-09 15:37:55</date><authorinitials>SunilMohanAdapa</authorinitials><revremark>Minor indentation fix with screenshot</revremark></revision><revision><revnumber>6</revnumber><date>2016-09-01 19:14:03</date><authorinitials>Drahtseil</authorinitials><revremark>adapted title to Plinth wording</revremark></revision><revision><revnumber>5</revnumber><date>2016-08-14 19:39:09</date><authorinitials>JanCostermans</authorinitials><revremark>added screenshot and setting up sections</revremark></revision><revision><revnumber>4</revnumber><date>2016-04-10 07:16:50</date><authorinitials>PhilippeBaret</authorinitials><revremark>Added bottom navigation link</revremark></revision><revision><revnumber>3</revnumber><date>2015-12-16 00:32:58</date><authorinitials>PhilippeBaret</authorinitials><revremark>Text finishing</revremark></revision><revision><revnumber>2</revnumber><date>2015-12-16 00:28:34</date><authorinitials>PhilippeBaret</authorinitials><revremark>Added definition for OpenVPN</revremark></revision><revision><revnumber>1</revnumber><date>2015-12-15 23:58:42</date><authorinitials>PhilippeBaret</authorinitials><revremark>Added first content [OpenVPN page to Apps manual]</revremark></revision></revhistory></articleinfo><section><title>Virtual Private Network (OpenVPN)</title><section><title>What is OpenVPN?</title><para>OpenVPN provides to your FreedomBox a virtual private network service. You can use this software for remote access, site-to-site VPNs and Wi-Fi security. OpenVPN includes support for dynamic IP addresses and NAT. </para></section><section><title>Port Forwarding</title><para>If your FreedomBox is behind a router, you will need to set up port forwarding on your router. You should forward the following ports for OpenVPN: </para><itemizedlist><listitem><para>UDP 1194 </para></listitem></itemizedlist></section><section><title>Setting up</title><orderedlist numeration="arabic"><listitem><para>In Plinth apps menu, select <emphasis>Virtual Private Network (OpenVPN)</emphasis> and click Install. </para></listitem><listitem><para>After the module is installed, there is an additional setup step that may take a long time to complete. Click &quot;Start setup&quot; to begin. </para><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=plinth_openvpn.png" width="800"/></imageobject><textobject><phrase>OpenVPN service page</phrase></textobject></inlinemediaobject> </para></listitem><listitem><para>Wait for the setup to finish. This could take a while. </para></listitem><listitem><para>Once the setup of the OpenVPN server is complete, you can download your profile. This will download a file called &lt;USER&gt;.ovpn, where &lt;USER&gt; is the name of a FreedomBox user. Each FreedomBox user will be able to download a different profile. Users who are not administrators can download the profile from home page after login. </para></listitem><listitem><para>The ovpn file contains all the information a vpn client needs to connect to the server. </para></listitem><listitem><para>The downloaded profile contains the domain name of the FreedomBox that the client should connect to. This is picked up from the domain configured in 'Config' section of 'System' page. In case your domain is not configured properly, you may need to change this value after downloading the profile. If your OpenVPN client allows it, you can do this after importing the OpenVPN profile. Otherwise, you can edit the .ovpn profile file in a text editor and change the 'remote' line to contain the WAN IP address or hostname of your FreedomBox as follows. </para></listitem></orderedlist><screen><![CDATA[client
remote mybox.sds-ip.de 1194
proto udp]]></screen></section><section><title>Browsing Internet after connecting to VPN</title><para>After connecting to the VPN, the client device will be able to browse the Internet without any further configuration. However, a pre-condition for this to work is that you need to have at least one Internet connected network interface which is part of the 'External' firewall zone. Use the networks configuration page to edit the firewall zone for the device's network interfaces. </para></section><section><title>Usage</title><section><title>On Android/LineageOS</title><orderedlist numeration="arabic"><listitem><para>Visit FreedomBox home page. Login with your user account. From home page, download the OpenVPN profile. The file will be named <emphasis>username</emphasis>.ovpn. </para><itemizedlist><listitem override="none"><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_download_profile.png" width="324"/></imageobject><textobject><phrase>OpenVPN Download Profile</phrase></textobject></inlinemediaobject> </para></listitem></itemizedlist></listitem><listitem><para>Download an OpenVPN client such as <emphasis>OpenVPN for Android</emphasis>. F-Droid repository is recommended. In the app, select import profile. </para><itemizedlist><listitem override="none"><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_install_app.png" width="324"/></imageobject><textobject><phrase>OpenVPN App</phrase></textobject></inlinemediaobject> </para></listitem></itemizedlist></listitem><listitem><para>In the select profile dialog, choose the <emphasis>username</emphasis>.opvn file you have just downloaded. Provide a name for the connection and save the profile. </para><itemizedlist><listitem override="none"><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_import_profile.png" width="324"/></imageobject><textobject><phrase>OpenVPN import profile</phrase></textobject></inlinemediaobject> </para></listitem></itemizedlist></listitem><listitem><para>Newly created profile will show up. If necessary, edit the profile and set the domain name of your FreedomBox as the server address. </para><itemizedlist><listitem override="none"><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_profile_created.png" width="324"/></imageobject><textobject><phrase>OpenVPN profile created</phrase></textobject></inlinemediaobject> </para><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_edit_domain_name.png" width="324"/></imageobject><textobject><phrase>OpenVPN edit domain name</phrase></textobject></inlinemediaobject> </para></listitem></itemizedlist></listitem><listitem><para>Connect by tapping on the profile. </para><itemizedlist><listitem override="none"><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_connect.png" width="324"/></imageobject><textobject><phrase>OpenVPN connect</phrase></textobject></inlinemediaobject> </para><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_connected.png" width="324"/></imageobject><textobject><phrase>OpenVPN connected</phrase></textobject></inlinemediaobject> </para></listitem></itemizedlist></listitem><listitem><para>When done, disconnect by tapping on the profile. </para><itemizedlist><listitem override="none"><para><inlinemediaobject><imageobject><imagedata fileref="https://wiki.debian.org/FreedomBox/Manual/OpenVPN?action=AttachFile&amp;do=get&amp;target=openvpn_disconnect.png" width="324"/></imageobject><textobject><phrase>OpenVPN disconnect</phrase></textobject></inlinemediaobject> </para></listitem></itemizedlist></listitem></orderedlist></section><section><title>On Debian</title><para>Install an OpenVPN client for your system </para><screen><![CDATA[$ sudo apt install openvpn]]></screen><para>Open the ovpn file with the OpenVPN client. </para><screen><![CDATA[$ sudo openvpn --config /path/to/<USER>.ovpn]]></screen></section></section><section><title>Checking if you are connected</title><section><title>On Debian</title><orderedlist numeration="arabic"><listitem><para>Try to ping the FreedomBox or other devices on the local network. </para></listitem><listitem><para>Running the command <code>ip addr</code> should show a <code>tun0</code> connection. </para></listitem><listitem><para>The command <code>traceroute freedombox.org</code> should show you the ip address of the VPN server as the first hop. </para></listitem></orderedlist></section></section><section><title>External Links</title><para><ulink url="https://community.openvpn.net/openvpn"/> </para><para>Back to <ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Features#">Features introduction</ulink> or <ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Manual#">manual</ulink> pages. </para><!--rule (<hr>) is not applicable to DocBook--><informaltable><tgroup cols="8"><colspec colname="col_0"/><colspec colname="col_1"/><colspec colname="col_2"/><colspec colname="col_3"/><colspec colname="col_4"/><colspec colname="col_5"/><colspec colname="col_6"/><colspec colname="col_7"/><tbody><row rowsep="1"><entry colsep="1" rowsep="1"><para><emphasis role="strong">Information</emphasis></para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><emphasis role="strong">Support</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Contribute</emphasis></para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><emphasis role="strong">Reports</emphasis></para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong">Promote</emphasis></para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Introduction#">Overview</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Hardware#">Hardware</ulink> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong"> </emphasis></para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Support#">Live Help</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Contribute#">Where To Start</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Translate#">Translate</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/ProgressCalls#">Calls</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/TalksAndPresentations#">Talks</ulink> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Features#">Features</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Vision#">Vision</ulink> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong"> </emphasis></para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/QuestionsAndAnswers#">Q&amp;A</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Design#">Design</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/TODO#">To Do</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/ReleaseNotes#">Releases</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Press#">Press</ulink> </para></entry></row><row rowsep="1"><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Download#">Download</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Manual#">Manual</ulink> </para></entry><entry colsep="1" rowsep="1"><para><emphasis role="strong"> </emphasis></para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Contribute/Code#">Code</ulink> </para></entry><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Contributors#">Contributors</ulink> </para></entry><entry colsep="1" rowsep="1"/><entry colsep="1" rowsep="1"><para><ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/FreedomBox/Blog#">Blog</ulink> </para></entry></row></tbody></tgroup></informaltable><para><!--"~-smaller-~" is not applicable to DocBook-->HELP &amp; DISCUSSIONS: <ulink url="https://discuss.freedombox.org">Discussion Forum</ulink> - <ulink url="https://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">Mailing List</ulink> - <ulink url="irc://irc.debian.org/freedombox">#freedombox irc.debian.org</ulink> | CONTACT <ulink url="https://freedomboxfoundation.org/">Foundation</ulink> | JOIN <ulink url="https://salsa.debian.org/freedombox-team/">Project</ulink> </para><para><link linkend="">Next call</link>: Saturday, June 8th at 14:00 UTC </para><para><link linkend="">Latest news</link>: Announcing Pioneer FreedomBox Kits - 2019-03-26 </para><para>This page is copyright its contributors and is licensed under the <ulink url="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)</ulink> license. </para><!--rule (<hr>) is not applicable to DocBook--><para> <ulink url="https://wiki.debian.org/FreedomBox/Manual/OpenVPN/CategoryFreedomBox#">CategoryFreedomBox</ulink> </para></section></section></article>
Reference in New Issue View Git Blame Copy Permalink