This tutorial will illustrate how to install OpenVPN on a Linux box using Fedora 9 as a server and using Windows XP as your client PC. This is totally free and you will be able to connect to your Virtual Private Network (VPN) all around the world with no problem.
Steps:
- Open up “
Terminal
“
- Become a super user type “
su
“
- Now your password
- Type “
yum install openvpn
“
- Copy the RSA keys to the openvpn folder
cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn
cd /etc/openvpn/easy-rsa/2.0/
- Make a directory for your keys
mkdir /etc/openvpn/keys
- Edit “
vars
” by typing
nano vars
- Set the parameters for
KEY_COUNTRY
, KEY_PROVINCE
, KEY_CITY
, KEY_ORG
and KEY_MAIL
as desired
- add this new line “
export KEY_DIR="/etc/openvpn/keys"
“
- Initialize PKI
. ./vars
- Clean
./clean-all
- Build CA
./build-ca
- Build server key
./build-key-server server
Answer “y
“, then “y
“
- Generate certificates for your clients
./build-key client1
Answer “y
“, then “y
”
NOTE: If you want to add future users.
do a “source ./vars” THEN build your key
- Generate Diffie Hellman parameters
./build-dh
- Copy server configuration files and edit
cp /usr/share/doc/openvpn-2.1/sample-config-files/server.conf /etc/openvpn/
cd /etc/openvpn
nano server.conf
- Go to these lines and edit them
cert keys/server.crt
key keys/server.key
dh keys/dh1024.pem
client-to-client
if you want to have your VPN being route to your LAN then take out ; from push “route 192.168.1.0 255.255.255.0” and change to the current settings of your LAN
- You are almost done. 😉 Now start your OpenVPN server
service openvpn start
chkconfig openvpn on
- To setup the client. Go to your windows machine and you will go to this site http://openvpn.se/download.html and download their GUI and install it, once you are done come back and finish this 😀
- Download the ca.crt, client1.crt and client1.key to the windows machine from your linux box. insert these files in “
C:\Program Files\OpenVPN\config
“.
- Copy the sample file from “
C:\Program Files\OpenVPN\sample-config\client.ovpn
” and paste it on “C:\Program Files\OpenVPN\config
“
- Now edit your client.ovpn and configure it. Open “
Notepad
“.
- Edit “
remote my-server-1 1194
” where my-server-1 is going to be the ip address of your server
- Edit
ca ca.crt
cert client.crt
key client.key
where these now are going to be
ca ca.crt
cert client1.crt
key client1.key
- Take out ; for the ns-cert-type server
- And that’s it. you should be able to connect to your server and to others computers in that LAN. Congrats. If you wan to test your connection “ping 10.8.0.” which it is your VPN server.
If you are having any trouble with the connection please make sure that your firewall is allowing port 1194. If you are behind a NAT also make sure that you are allowing that port.
NOTE: This tutorial worked for me but it might not work for you. So it is not grantee. Do it at your own risk.