Comprehensive OpenVPN Tutorial

on linux security, openvpn, home networking, iptables, firewall

In this tutorial, we will look at managing an openvpn server and certificate authority and will provide a detailed breakdown of the configuration options Table of contents Setting up a CA Build the CA environment Generate the CA certificate Generate the CRL certificate Server Preparation Build the server environment Generate DH parameters Generate the certificate signing request Remove the passphrase on the server key Setting up the HMAC/TLS auth static key Creating a template for clientsIptables Firewall settings Client preparation Build the client environment Generate the certificate request Connecting clients Signing requests on the CA Importing a requestSigning a…

read more...

Network Basics: The DHCP client

on dhcp, home networking, ipv4, networking, networking basics

So what is DHCP? How automatic configuration works The DHCP client When you bring your laptop over to your buddies house and plug into their network, your internet is ready by "magic". This is achieved by the DHCP client daemon dhcpcd. When a new network link comes on line (e.g plugging in an ethernet cable, or connecting over WiFi), your machine sends announces itself to all devices on the link, and, if present, a DHCP server (usually the network's router) replies back, informing your computer of the settings for the particular network, and reserves you an IP…

read more...

Network basics: Link Local Addressing and 169.254.x.x

on networking basics, dhcp, home networking, troubleshooting, ipv4

What are those 169.254.x.x addresses all about? An look at IPv4 Link Local Addressing Earlier, we looked at DHCP. A familiar experience of troubleshooting networks is that when something breaks, Windows spends a while trying to connect, and eventually gives a seemingly meaningless address in the range of 169.254.xx.xx. Why does it do this? What are these addresses? Are they useful? The IANA (the international body that governs internet numbering and addressing) has reserved the range 169.254.0.0 - 169.254.255.255 as "link local address space". When Windows…

read more...