Debian: OpenVPN Site-to-Site Configuration

Topology

Server1 <> Server2

IP:

Server1 172.17.1.253

Server2 172.17.1.254

Local IP:

Server1: 10.1.1.0/24

Server2: 10.2.2.0/24, 10.2.3.0/24

Server1

Allow Packet Forwarding

nano /etc/sysctl.conf
net.ipv4.ip_forward=1

sysctl net.ipv4.ip_forward=1

Install OpenVPN

apt install openvpn -y
cd /etc/openvpn/
cp /usr/share/doc/openvpn/examples/sample-config-files/static-home.conf s2s.conf

nano s2s.conf
dev tun
float # added manually
remote 172.17.1.254 # peer's public IP
ifconfig 10.0.0.1 10.0.0.2 # VPN point-to-point IPs (local, remote)
secret /etc/openvpn/secret.key # secret key
port 1194
user nobody
group nogroup
route 10.2.2.0 255.255.255.0 # peer's local network
route 10.2.3.0 255.255.255.0 # peer's local network

Generate Secret Key

openvpn --genkey --secret /etc/openvpn/secret.key

Server2

Allow Packet Forwarding

nano /etc/sysctl.conf
net.ipv4.ip_forward=1

sysctl net.ipv4.ip_forward=1

Install OpenVPN

apt install openvpn -y
cd /etc/openvpn/
cp /usr/share/doc/openvpn/examples/sample-config-files/static-home.conf s2s.conf

nano s2s.conf
dev tun
float # added manually
remote 172.17.1.253 # peer's public IP
ifconfig 10.0.0.2 10.0.0.1 # VPN point-to-point IPs (local, remote)
secret /etc/openvpn/secret.key # secret key
port 1194
user nobody
group nogroup
route 10.1.1.0 255.255.255.0 # peer's local network

Transfer the Secret Key from Server1 to Server2

Install SSH and allow root login over SSH on Server2

apt install openssh-server -y
nano /etc/ssh/sshd_config
PermitRootLogin yes

service sshd restart

Transfer using scp

scp /etc/openvpn/secret.key root@172.17.1.254:/etc/openvpn/

Start the OpenVPN Service (run on both servers)

systemctl enable openvpn@s2s
systemctl start openvpn@s2s

Done! Go ahead and try it.
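
A pre-start check for the two s2s.conf files, as an added example that is not part of the original post: it flags `//` annotations (OpenVPN treats only `#` and `;` as comment markers), tunnel endpoints that are not mirrored, differing ports, and a LAN routed by both peers. The function names and the temporary sample files are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post: consistency check for the two
# s2s.conf files of a static-key site-to-site pair.

# Print the arguments of DIRECTIVE in FILE, with '#' and ';' comments stripped.
conf_get() {
    sed 's/[#;].*//' "$1" | awk -v d="$2" '$1 == d { $1 = ""; print }'
}

# check_pair CONF_A CONF_B: print each problem found; return 0 only if none.
check_pair() {
    a=$1; b=$2; bad=0
    for f in "$a" "$b"; do
        # OpenVPN treats only '#' and ';' as comments; '//' text becomes arguments.
        if sed 's/[#;].*//' "$f" | grep -q '//'; then
            echo "$f: '//' is not a comment marker"; bad=1
        fi
    done
    set -- $(conf_get "$a" ifconfig); al=$1; ap=$2
    set -- $(conf_get "$b" ifconfig); bl=$1; bp=$2
    if [ -z "$al" ] || [ "$al" != "$bp" ] || [ "$ap" != "$bl" ]; then
        echo "ifconfig endpoints are missing or not mirrored"; bad=1
    fi
    if [ "$(conf_get "$a" port)" != "$(conf_get "$b" port)" ]; then
        echo "port differs between peers"; bad=1
    fi
    # The same LAN routed by both peers means one side sends its own network
    # into the tunnel (a copy-paste error between the two files).
    dup=$(conf_get "$a" route | while read -r net mask rest; do
        conf_get "$b" route | awk -v n="$net" -v m="$mask" '$1 == n && $2 == m { print n }'
    done)
    if [ -n "$dup" ]; then
        echo "route present on both peers: $dup"; bad=1
    fi
    return "$bad"
}

# Constructed sample pair using the addresses from this guide.
tmp=$(mktemp -d)
printf '%s\n' 'dev tun' 'remote 172.17.1.254' 'ifconfig 10.0.0.1 10.0.0.2' 'port 1194' \
    'route 10.2.2.0 255.255.255.0' 'route 10.2.3.0 255.255.255.0' > "$tmp/server1.conf"
printf '%s\n' 'dev tun' 'remote 172.17.1.253' 'ifconfig 10.0.0.2 10.0.0.1' 'port 1194' \
    'route 10.1.1.0 255.255.255.0' > "$tmp/server2.conf"
check_pair "$tmp/server1.conf" "$tmp/server2.conf" && echo "pair is consistent"
```

To check the real files, copy Server2's s2s.conf next to Server1's and pass both paths to check_pair before starting the service.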
