How to create multi-server vpn

[genlight]

Can somebody teach me how to create a multi-server vpn? Thanks.

[Bebop]

Can somebody teach me how to create a multi-server vpn

Easier than you might have thought.

First: Can you create a single server VPN?

If yes, then its very easy for you to create multi-server.

The simple and short answer is -- Just create more .conf files, and start openvpn as a daemon. For more detailed explanation, read on.

I'll give you example for 3 server VPN.

Go to your default openvpn directory. example:

Code: Select all

cd /etc/openvpn

create server01.conf, server02.conf, server03.conf. Example:

Code: Select all

touch ./server01.conf
touch ./server02.conf
touch ./server03.conf

Configure each server.conf to be a new server.

server01.conf:

Code: Select all

port 1194
proto udp
dev tun
server 10.8.1.0 255.255.255.0

server02.conf:

Code: Select all

port 1194
proto udp
dev tun
server 10.8.2.0 255.255.255.0

server03.conf:

Code: Select all

port 1194
proto udp
dev tun
server 10.8.3.0 255.255.255.0

restart openvpn as daemon.

Centos

Code: Select all

service openvpn restart

Debian

Code: Select all

/etc/init.d/openvpn restart

[hostizzle]

I have separate directories for each server, and keep each server.conf in each subdirectory.

Theoretically this would make it possible to keep keys for each server separate.

This also gives you different logs in each subdirectory, in case you have to troubleshoot stuff.

[Bebop]

I have separate directories for each server, and keep each server.conf in each subdirectory.

Theoretically this would make it possible to keep keys for each server separate.

This also gives you different logs in each subdirectory, in case you have to troubleshoot stuff.

None of those are reasons to store .conf outside of /etc/openvpn, because the key and log locations you mentioned are taken from .conf regardless. You can have as many sub-directories for keys and logs as you wish, however, .conf can stay with /etc/openvpn.

IMO the valid reason to potentially store .conf in a sub-directory is if you want to start your multiple servers manually, one by one, then thats a legitimate reason to move .confs to a sub-directory.

As for me, I prefer to have the daemon starting my servers for me. if any server needs to be started manually (not automatically), then it can be moved to a sub-directory.

[arvpnick]

Code: Select all

port 1194
proto udp
dev tun
server 10.8.1.0 255.255.255.0

Code: Select all

port 1194
proto udp
dev tun
server 10.8.2.0 255.255.255.0

Code: Select all

port 1194
proto udp
dev tun
server 10.8.3.0 255.255.255.0

are this the IP addresses?

Code: Select all

10.8.1.0,10.8.2.0,10.8.2.3

so what do i need to buy? an extra IP's or do i have to purchase another vps? thanks in advance.

[arvpnick]

i found a multi-server vpn provider somewhere on the net, they claimed they 5 servers and i found out that they only have one security certificate on the installer they provided and 5 ovpn files.
here's 5 the client config

Code: Select all

client
dev tun
remote xxx.xxx.xx.xx
ca crt/ca.crt

Code: Select all

client
dev tun
remote qqq.qqq.qq.qq
ca crt/ca.crt

Code: Select all

client
dev tun
remote yyy.yyy.yy.yy
ca crt/ca.crt

Code: Select all

client
dev tun
remote zzz.zzz.zz.zz
ca crt/ca.crt

Code: Select all

client
dev tun
remote www.www.ww.ww
ca crt/ca.crt

values of the IP addresses are the only thing that is changing.

[Bebop]

so what do i need to buy

arvpnick = genlight?

teach me how to create a multi-server vpn

Multi-server VPN. What specifically do you mean?

• 1 hardware server with multiple OpenVPN server instances?
• Multiple hardware servers?
• Multiple internet tunnels?
• Multiple WAN IP addresses?

[Douglas]

I assume by multi-server VPN you mean chaining VPN's

[xauen]

I suppose its what he means.. chaining multiple vpn server
using one authentication system.

Im looking for this also sire.

Can you please help me out?