OpenVPN 2.3.6 on Centos 6

Install Epel repository

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

install openvpn

yum install openvpn nano
cd /etc/openvpn
wget https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.0-rc2/EasyRSA-3.0.0-rc2.tgz
tar -zxvf EasyRSA-3.0.0-rc2.tgz
mv EasyRSA-3.0.0-rc2 server
cd /etc/openvpn/server
./easyrsa init-pki
./easyrsa build-ca
./easyrsa gen-req server nopass
./easyrsa gen-dh
cp /etc/openvpn/server/pki/ca.crt /etc/openvpn/
cp /etc/openvpn/server/pki/issued/server.crt /etc/openvpn/
cp /etc/openvpn/server/pki/dh.pem /etc/openvpn/
cp /etc/openvpn/server/pki/private/server.key /etc/openvpn/

Generate client.
This procedure should be repeated for each client but using a different names (client2, client3 ...)

cd /etc/openvpn
wget https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.0-rc2/EasyRSA-3.0.0-rc2.tgz
tar -zxvf EasyRSA-3.0.0-rc2.tgz
mv EasyRSA-3.0.0-rc2 client1
cd client1
./easyrsa init-pki
./easyrsa gen-req client1 nopass
./easyrsa import-req /etc/openvpn/client1/pki/reqs/client1.req client1
./easyrsa sign-req client client1

Enable forwarding

nano /etc/sysctl.conf

Set the following value

net.ipv4.ip_forward = 1

Apply

sysctl -p

Add firewall rules.
Change venet0 to your actual interface.

iptables -A FORWARD -i tun+ -o venet0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j MASQUERADE
iptables-save >/etc/sysconfig/iptables
service iptables restart

Create openvpn conf file

nano /etc/openvpn/server.conf

Paste the following lines

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Start openvpn

service openvpn start
chkconfig openvpn on
chkconfig iptables on

 


The files you will need on a client side:

/etc/openvpn/client/pki/private/client1.key
/etc/openvpn/server/pki/issued/client1.crt
/etc/openvpn/server/pki/ca.crt
/etc/openvpn/server/pki/dh.pem

How to configure OpenVPN client on Windows

 

 

  • Add user (cert) to existent OpenVPN users DB:

You simply should source the vars before creating the key . Use one of the next ways:

". vars" 

or

". ./vars" 

or

"source ./vars"

After that you can build key for new user:

./build-key client_new

 


Also refer to this guide if you would like to install double vpn

Was this answer helpful?

 Print this Article

Also Read

php increase max file size upload

For increase maximum size of uploads file you should set only one setting in php.ini. Set...

Clear swap in Centos

Print memory usage [root@localhost]# free -m              total       used       free...

!!Actual Linux KB located : wiki.vpsget.com ***

Linux kb/wiki moved to opur wiki pages and all new articled publiched here:...

How to check connectivity/network speed of your VPS

If you concerned about network speed of your vps you can test it by downloading some test...

Php

Can I help you? Our agents are ready to assist you. Click "Chat Now" to be...