This tutorial will describe securing access to a private network using a Pritunl server. The diagram below shows the network topology for this tutorial.
First remove the 0.0.0.0/0 route from the server. This route tunnels all internet traffic over the vpn, for this setup only the traffic for the private network will be tunneled. Continue reading “Accessing private network using pritunl VPN” »
Update your bare-bone and freshly installed Ubuntu 16 system.
sudo apt-get update && sudo apt-get upgrade
Add Pritunl’s APT repository and update the package lists:
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.0 multiverse" > /etc/apt/sources.list.d/mongodb-org-3.0.list echo "deb http://repo.pritunl.com/stable/apt trusty main" > /etc/apt/sources.list.d/pritunl.list
Add repo keys for apt to validate against
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7F0CEB10 apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv CF8E292A
Update the package cache
sudo apt-get update
If you have a firewall running on the Linode, add exceptions for Pritunl’s Web UI and server:
sudo iptables -A INPUT -p udp -m udp --sport 9700 --dport 1025:65355 -j ACCEPT sudo iptables -A INPUT -p tcp -m tcp --sport 9700 --dport 1025:65355 -j ACCEPT sudo iptables -A INPUT -p `your protocol here` -m `your protocol here` --sport `your_port_here` --dport 1025:65355 -j ACCEPT
NoteIf you’ve configured the firewall according to the Securing Your Server guide, be sure to add these port ranges to the /etc/iptables.firewall.rules file.
Install Pritunl and its required dependencies:
sudo apt-get install python-software-properties pritunl mongodb-org
Start the Pritunl service:
sudo service pritunl start
Open a web browser on your computer, and navigate to https://123.45.67.89:9700, replacing 123.45.67.89 with your VM IP address. You will see a screen similar to this:
Continue reading “Install Pritunl on Ubuntu 16” »
