OpenVPN 2.3.6 on Centos 6

Install Epel repository

rpm -Uvh

install openvpn

yum install openvpn nano
cd /etc/openvpn
tar -zxvf EasyRSA-3.0.0-rc2.tgz
mv EasyRSA-3.0.0-rc2 server
cd /etc/openvpn/server
./easyrsa init-pki
./easyrsa build-ca
./easyrsa gen-req server nopass
./easyrsa gen-dh
cp /etc/openvpn/server/pki/ca.crt /etc/openvpn/
cp /etc/openvpn/server/pki/issued/server.crt /etc/openvpn/
cp /etc/openvpn/server/pki/dh.pem /etc/openvpn/
cp /etc/openvpn/server/pki/private/server.key /etc/openvpn/

Generate client.
This procedure should be repeated for each client but using a different names (client2, client3 ...)

cd /etc/openvpn
tar -zxvf EasyRSA-3.0.0-rc2.tgz
mv EasyRSA-3.0.0-rc2 client1
cd client1
./easyrsa init-pki
./easyrsa gen-req client1 nopass
./easyrsa import-req /etc/openvpn/client1/pki/reqs/client1.req client1
./easyrsa sign-req client client1

Enable forwarding

nano /etc/sysctl.conf

Set the following value

net.ipv4.ip_forward = 1


sysctl -p

Add firewall rules.
Change venet0 to your actual interface.

iptables -A FORWARD -i tun+ -o venet0 -j ACCEPT
iptables -t nat -A POSTROUTING -s -o venet0 -j MASQUERADE
iptables-save >/etc/sysconfig/iptables
service iptables restart

Create openvpn conf file

nano /etc/openvpn/server.conf

Paste the following lines

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh.pem
push "redirect-gateway def1"
ifconfig-pool-persist ipp.txt
keepalive 10 120
status openvpn-status.log
verb 3

Start openvpn

service openvpn start
chkconfig openvpn on
chkconfig iptables on


The files you will need on a client side:


How to configure OpenVPN client on Windows



  • Add user (cert) to existent OpenVPN users DB:

You simply should source the vars before creating the key . Use one of the next ways:

". vars" 


". ./vars" 


"source ./vars"

After that you can build key for new user:

./build-key client_new


Also refer to this guide if you would like to install double vpn

Was this answer helpful?

 Print this Article

Also Read

Autorun in Linux

To set a script to start at boot in CentOS, add it into /etc/rc3.d/S99local. For example:...

OpenVPN Access Server

§  Install OpenVPN Access Server Be sure that you are using a clean system and no...

Create OpenVPN client

The following instructions are for those VPSGet customers who have installed OpenVPN...

FFmpeg on Centos 6

Install repo and ffmpeg # rpm -ihv...


 First of all make sure you have the ports 20-21 opened in your firewall. If not, you...