To set up a client (regardless of the distribution or operating system) you will need to copy the ca.crt, server.crt, and server.key files from /etc/openvpn/rsa/keys.
You can do this using sftp in Linux or another FTP client and place them in a directory within your /home (in Linux) or in the config folder (its exact location depends on where you installed the client, most likely in another folder called OpenVPN inside Program Files):
Let’s take a look at the contents of the configuration directory in the Linux client. You will note that there’s a file named client.ovpn. This is the main configuration file for the client. If you did not change the default port (1194), you will only need to indicate the IP address of your VPN server. The paths for the certificate and key files are relative to the same directory where client.ovpn is located:
OpenVPN Linux Client Configuration
The configuration folder in the Windows client:
To start OpenVPN in the client:
Install OpenVPN on Linux (CLI). Update repository. Yum install epel-release. Sudo xbps-install -S. Install OpenVPN. Apt install openvpn. Yum install openvpn. Sudo xbps-install openvpn. Download our default SE1 configuration file here or generate a custom one here. How to set up an OpenVPN server. To begin, you will need to have OpenVPN installed on the server or system you wish to use as a VPN end-point. Most distributions include OpenVPN; for the server setup, I am using OpenVPN 2.0.9 as provided by the RPMForge repository for CentOS 5.
As Administrator, start OpenVPN GUI from Start –>All programs –>OpenVPN, and it will be launched in the background.
Now fire up a browser and open http://whatismyip.org/ and you should see the IP of your OpenVPN server instead of the public IP provided by your ISP:
OpenVPN Client Connection
Although in this article we used the generic name server for our VPN server, you can use another name if you want. If that is the case, you will need to rename the configuration file (server.conf) to somethingelse.conf and edit the following lines in the that file:
In addition, you can have the VPN service start automatically on boot in the Linux client by adding the following line as a crontab entry:
Finally, to set up the required routing as shown in the first image of this article (to enable communication with another machine on the other end of the VPN server), we will need to enable IP forwarding by setting in /etc/sysctl.conf (for future reboots).
and
for the setting to take effect immediately.
In this article we have explained how to set up and configure a VPN server using OpenVPN, and how to set up two remote clients (a Linux box and a Windows machine). You can now use this server as a VPN gateway to secure your web browsing activities. With a little extra effort (and another remote server available) you can also set up a secure file / database server, to name a few examples.
We look forward to hearing from you, so feel free to drop us a note using the form below. Comments, suggestions, and questions about this article are most welcome.