Daily Archives: July 30, 2008

Setting up an OpenVPN

This tutorial will illustrate how to install OpenVPN on a Linux box using Fedora 9 as a server and using Windows XP as your client PC. This is totally free and you will be able to connect to your Virtual Private Network (VPN) all around the world with no problem.

Steps:

  1. Open up “Terminal
  2. Become a super user type “su
  3. Now your password
  4. Type “yum install openvpn
  5. Copy the RSA keys to the openvpn folder
    cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn
    cd /etc/openvpn/easy-rsa/2.0/
  6. Make a directory for your keys
    mkdir /etc/openvpn/keys
  7. Edit “vars” by typing
    nano vars
  8. Set the parameters for KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG and KEY_MAIL as desired
  9. add this new line “export KEY_DIR="/etc/openvpn/keys"
  10. Initialize PKI
    . ./vars
  11. Clean
    ./clean-all
  12. Build CA
    ./build-ca
  13. Build server key
    ./build-key-server server

    Answer “y“, then “y

  14. Generate certificates for your clients
    ./build-key client1

    Answer “y“, then “y

    NOTE: If you want to add future users.
    do a “source ./vars” THEN build your key

  15. Generate Diffie Hellman parameters
    ./build-dh
  16. Copy server configuration files and edit
    cp /usr/share/doc/openvpn-2.1/sample-config-files/server.conf /etc/openvpn/
    cd /etc/openvpn
    nano server.conf
  17. Go to these lines and edit them
    cert keys/server.crt
    key keys/server.key
    dh keys/dh1024.pem
    client-to-client

    if you want to have your VPN being route to your LAN then take out ; from push “route 192.168.1.0 255.255.255.0” and change to the current settings of your LAN

  18. You are almost done. 😉 Now start your OpenVPN server
    service openvpn start
    chkconfig openvpn on
  19. To setup the client. Go to your windows machine and you will go to this site http://openvpn.se/download.html and download their GUI and install it, once you are done come back and finish this 😀
  20. Download the ca.crt, client1.crt and client1.key to the windows machine from your linux box.  insert these files in “C:\Program Files\OpenVPN\config“.
  21. Copy the sample file from “C:\Program Files\OpenVPN\sample-config\client.ovpn” and paste it on “C:\Program Files\OpenVPN\config
  22. Now edit your client.ovpn and configure it.  Open “Notepad“.
  23. Edit “remote my-server-1 1194” where my-server-1 is going to be the ip address of your server
  24. Edit
    ca ca.crt
    cert client.crt
    key client.key

    where these now are going to be
    ca ca.crt
    cert client1.crt
    key client1.key

  25. Take out ; for the ns-cert-type server
  26. And that’s it.  you should be able to connect to your server and to others computers in that LAN.  Congrats.  If you wan to test your connection “ping 10.8.0.” which it is your VPN server.

If you are having any trouble with the connection please make sure that your firewall is allowing port 1194.  If you are behind a NAT also make sure that you are allowing that port.

NOTE: This tutorial worked for me but it might not work for you. So it is not grantee.  Do it at your own risk.