[arm-allstar] OpenVPN & Hamvoip

Mike Sullivan kn4imu at gmail.com
Tue Sep 15 20:42:41 EDT 2020 

Rob, I appreciate you sharing your experience. I have been using OpenVPN as
well and typed up a guide to help those that are new to it. Do you mind if
I steal a couple of pointers from yours for it? The main thing I wanted to
add is the client.conf change in rc.allstar.

Also, have you tried multiple clients on one VPN? I would like to combine
two nodes for one club onto one server is possible, instead of individual
servers, but never quite figured out multiple clients on OpenVPN.

Mike Sullivan



On Mon, Sep 7, 2020 at 10:54 AM "Rob Seaman via ARM-allstar" <
arm-allstar at hamvoip.org> wrote:

> Hi All,
>
> After some experimenting, I managed to get one of my Allstar nodes,
> located a few hundred miles away on a LTE cellular modem, working with
> OpenVPN.
>
> The node is unreachable by conventional internet means because of CGNAT,
> so I've been using a reverse SSH tunnel fairly successfully need to connect
> to it remotely, except for the time my local node had a corrupted SD card
> and crashed.
>
> I thought I'd share my experience here in case anyone was wanting to try
> the same.
>
> I started with setting up my own OpenVPN server on a small VPS with a
> local provider in my city. VPS specs are 1GB RAM, 20GB storage & 1TB data
> transfer.
>
> I followed these guides:
>
>
> https://computingforgeeks.com/easy-way-to-install-and-configure-openvpn-server-on-ubuntu/
>
>
> https://www.cyberciti.biz/faq/ubuntu-18-04-lts-set-up-openvpn-server-in-5-minutes/
>
>
> https://www.cyberciti.biz/faq/howto-setup-openvpn-server-on-ubuntu-linux-14-04-or-16-04-lts/
>
> https://whattheserver.com/openvpn-server-with-port-forwarding<
> https://whattheserver.com/openvpn-server-with-port-forwarding/>/
>
> Moving next to your remote Allstar node to connect into the VPN
>
> 1.  Generate .ovpn/.conf profile on your VPS server. I use the callsign of
> the node or node number
> 2.  Copy .ovpn profile to node (/etc/openvpn) and rename to .conf.
> 3.  Add "--pull-filter ignore redirect-gateway" to .conf profile on node
> if you wish to not forward Allstar traffic via VPN.
> 4.  Update OpenVPN package on node, as the included version didn't work
> with my server version.  Use pacman -S hamvoip-openvpn
> 5.  Test OpenVPN connection.  openvpn <profile-name>.conf  (eg:  openvpn
> vk6ld.conf)
> 6.  Change /usr/local/etc/allstar.env file to VPN enabled
> 7.  Change /usr/local/etc/rc.allstar file - from client.conf to <callsign
> or node number>.conf
> 8.  Reboot node and VPN connection should come up.  You should see the VPN
> tunnel is alive with command ifconfig or at the top of the Admin Menu
> window.
>
> I also setup an OpenVPN profile on my Win10 computer and can now SSH to
> the node, as well as use Supermon on the node.
>
> There may be steps I missed, but I managed to repeat the exercise on a
> second node from my own notes and it worked again second time around.
>
> Hope this helps.
>
> Cheers,
>
> Rob...
> VK6LD
>
>
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>

More information about the ARM-allstar mailing list