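- Open UDP port 1194 in the instance's EC2 security group; where the client's source address is known, limit the rule to it rather than 0.0.0.0/0.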
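# Server-side setup: install OpenVPN, create the static pre-shared key, and
# NAT tunnel traffic out through eth0.
sudo apt-get install openvpn
# Options need ASCII double hyphens; typographic dashes are not parsed as option prefixes.
sudo openvpn --genkey --secret /etc/openvpn/openvpn-key.txt
# In static-key mode this file is the only credential, so keep it root-only.
sudo chmod 600 /etc/openvpn/openvpn-key.txt
# Load NAT support and turn on IPv4 forwarding (this /proc write does not survive a reboot).
sudo modprobe iptable_nat
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
# Scope masquerading to the tunnel subnet (endpoints 10.8.0.1 and 10.8.0.2).
# A source such as 10.8.0.1/2 is read as a /2 prefix and would match a quarter
# of the IPv4 address space instead of just the VPN peers.
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE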
Contents of /etc/openvpn/openvpn.conf:
# Server side of a point-to-point tunnel, listening on UDP 1194 with a routed tun device.
port 1194
proto udp
dev tun
# Static pre-shared-key mode: one shared key authenticates and encrypts the tunnel.
# There is no forward secrecy (a leaked key exposes recorded past traffic) and only
# one peer is supported; newer OpenVPN releases deprecate this mode in favour of TLS.
# The path is relative -- presumably resolved against /etc/openvpn, where the key
# was generated; confirm for your init setup.
secret openvpn-key.txt
# Tunnel endpoints: local 10.8.0.1 (this server), remote 10.8.0.2 (the client).
ifconfig 10.8.0.1 10.8.0.2
# NOTE(review): push is delivered over the TLS control channel; with a static key it
# likely has no effect, which would explain why the client config sets
# redirect-gateway itself. Confirm, and set DNS on the client if required.
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
# Ping the peer every 10 s; treat it as down after 120 s of silence.
keepalive 10 120
# LZO compression; must match on both ends. Deprecated upstream: compressing before
# encryption can leak information about the plaintext (VORACLE-style attacks).
comp-lzo
# Keep the key and the tun device across restarts.
persist-key
persist-tun
# Status file (the name says "tcp" although the transport above is udp).
status server-tcp.log
verb 3
sudo service openvpn restart
-
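If you want to persist your iptables rules (run as root, since the redirect writes under /etc):
iptables-save > /etc/iptables-up.rules
In
/etc/network/interfaces
add this line after the eth0 directives:
post-up /sbin/iptables-restore < /etc/iptables-up.rules
The ip_forward setting is also lost on reboot; set net.ipv4.ip_forward=1 in /etc/sysctl.conf to keep it.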
-
install tunnelblick
-
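copy key content from EC2 server
/etc/openvpn/openvpn-key.txt
into ~/Library/Application\ Support/Tunnelblick/Configurations/openvpn-key.txt
Move the key only over an authenticated, encrypted channel (for example scp over your existing SSH access) and keep the local copy readable by your user only; anyone holding this file can join and decrypt the tunnel.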
-
launch tunnelblick, and create a new config with
# Client side of the point-to-point tunnel; mirrors the server's dev/proto/port.
dev tun
proto udp
port 1194
# Placeholder: replace with the EC2 instance's public address or DNS name.
remote your-server-address
resolv-retry infinite
# Do not bind a fixed local port on the client.
nobind
# Same static pre-shared key as the server. Static-key mode has no forward secrecy,
# so protect this file and regenerate the key on both ends if it may have been exposed.
secret openvpn-key.txt
# Tunnel endpoints, reversed relative to the server: local 10.8.0.2, remote 10.8.0.1.
ifconfig 10.8.0.2 10.8.0.1
# Must match the server's compression setting; deprecated upstream because compressing
# before encryption can leak information about the plaintext.
comp-lzo
verb 3
# Route all client traffic through the tunnel.
# NOTE(review): no DNS server is set here; unless the server's pushed dhcp-option is
# honoured, lookups may still go to the client's existing resolver -- confirm.
redirect-gateway def1