Apr 20 2014 
Support Center » Knowledgebase » Linux VPS » How to install and configure openvpn on your linux vps(server and client)
 How to install and configure openvpn on your linux vps(server and client)
Solution If your vps has plesk panel, then you can install and use the openvpn module provided by plesk via the plesk gui. If you have cpanel/directadmin/webmin, use the following:

Part 1:
Login to your vps via ssh as root:

1.Download openvpn and save it to a folder,say, /etc/openvpn
wget http://openvpn.net/release/openvpn-2.0.tar.gz (Please download latest stable version available)
Download it to local machine too.

2.Check the file release signature:
md5sum openvpn-2.0.tar.gz //and check its the same as in http://openvpn.net/sig.html

3.tar -xvzf openvpn-2.0.tar.gz
cd openvpn-2.0
./configure
If it gives the error:
"LZO library and headers not found.
LZO library available from http://www.oberhumer.com/opensource/lzo/
configure: error: Or try ./configure --disable-lzo"

download lzo:
cd ..
wget http://www.oberhumer.com/opensource/lzo/download/lzo-1.08.tar.gz
tar -xvzf lzo-1.08.tar.gz
cd lzo-1.08
./configure
make
make check
make test
make install

cd ../openvpn-2.0
./configure
make
make install

* We are using the routing method. (Refer http://openvpn.net/howto.html#vpntype for details)

4. Generate a master CA certificate/key, a server certificate/key, and certificates/keys for clients:

On server:

cd easy-rsa/ (folder inside openvpn source dir)
. ./vars
./clean-all
a) ./build-ca //Give the details it asks for

b) ./build-key-server server //Give the details it asks for & yes for both qns.

c) ./build-key client1 //where client1 is the 'common name' you wish to give for first client. Give same details as above for rest of it
* If you plan to use more than one client, you need to repeat 4.c step for each client differentiated by the client name (client1, client2, client3 etc) and copy respective key/crt to the client machines

d) ./build-dh

ls keys

5. On server:
cd ../sample-config-files/
vi server.conf //Give the path to the key,ca,cert and dh, rest should be fine with default values. 10.8.0.1 will be the default IP used by server and subsequent ips will be given to connecting clients.

6. Make sure port 1194 is open on the server/ve firewall, if any.

7. On server start openvpn from source dir:

./openvpn sample-config-files/server.conf

should read "Initialization Sequence Completed" towards the end

Part 2: (Use this if your home/office computer is a linux/unix machine)

On local/client machine: (linux/*nix)
(Naming this client client1)

1.Install openvpn package (Repeat steps 1 to 3 of Part1)
2.Copy over client1.key, client1.crt and ca.crt from server to client1 machine.
3. Find sample-config-files/client.conf and edit it,
Give path to the clientkey,cleint cert and ca.crt on the client1 machine
Edit the 'remote' directive to point to the hostname/IP address and port number of the OpenVPN server

eg:
remote 204.157.7.143 1194
ca /root/openvpn/openvpn-2.0/easy-rsa/keys/ca.crt
cert /root/openvpn/openvpn-2.0/easy-rsa/keys/client1.crt
key /root/openvpn/openvpn-2.0/easy-rsa/keys/client1.key

Start openvpn from source dir:
./openvpn sample-config-files/client.conf

should read "Initialization Sequence Completed" towards the end too.

If it throws up some error about the certificate/key, run:

openssl verify -CAfile ca.crt -purpose sslclient client1.crt //To verify the cert

It should output:
client1.crt: OK
if everything is okay.
Also it might need both server and client to have the same date/time/timezone setup.

Part 3: ((Use this if your home/office computer is a windows machine)

Now for a windows client:

(Naming this client "client2" )

Install openvpn:

1. download openvpn package(includes openvpn+openvpn gui) for windows from
http://openvpn.se/files/install_packages/openvpn-2.0-gui-1.0-install.exe
Run the install program.

2.Then copy client2.key, client2.crt and ca.crt from openvpn server to client2 machine.
(You need to create a cert/key for this client as well using step 4.c above)

3. Go to Start -> programs -> openvpn -> openvpn sample configuration files folder
and edit the client.ovpn file with notepad:
Give path to the clientkey,cleint cert and ca.crt on the client2 machine
Edit the 'remote' directive to point to the hostname/IP address and port number of the OpenVPN server

eg. remote 204.157.7.143 1194
ca C:\Program Files\ca.crt
crt C:\Program Files\client2.crt
key C:\Program Files\client2.key

and save the file.

4. Right click on client.ovpn -> Start OpenVPN on this config file

should read "Initialization Sequence Completed" towards the end
which means an openvpn connection has been setup.
Once running in this fashion, several keyboard commands are available:
F1 -- Conditional restart (doesn't close/reopen TAP adapter)
F2 -- Show connection statistics
F3 -- Hard restart
F4 -- Exit
When OpenVPN GUI is started from Start -> programs -> openvpn -> openvpn GUI, an icon will be displayed in the taskbar's
status area.

For details about openvpn installation, configuration and advanced usage, please refer:
http://openvpn.net/howto.html
http://openvpn.se/install.txt
http://openvpn.se/install.txt


Article Details
Article ID: 80
Created On: Jan 23 2009 04:03 PM

 This answer was helpful  This answer was not helpful

 Back
 Login [Lost Password] 
Email:
Password:
Remember Me:
 
 Search
 Article Options
Home | Register | Knowledgebase
Language:

Help Desk Software By Kayako eSupport v3.60.02