is a private network that runs over a public network.The traffic over a VPN
is encrypted and authenticated via an SSL certificate, a password, or a two-factor authentication mechanism.
Here , we can discuss how to set up an open vpn server and clien t
The OpenVPN software and its dependencies are available in the EPEL repository.
Consider a server with hostname server.example.com running CentOS and a public IP 1x.x.x.x
In a CentOS server, you can Install OpenVPN server by the following command.
>>> yum install openvpneasy-rsa
By default easy-rsascripts are located in the /usr/share/easy-rsa/ directory. Create a directory /easy-rsa/keys inside the /etc/openvpn directory and copy the scripts to /easy-rsa/keys.
>>> mkdir -p /etc/openvpn/easy-rsa/keys
cp -rf /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
Create CA Certificate and CA key
>>> Edit file /etc/openvpn/easy-rsa/varsand add the values of country, email etc..inthe section
>>>save the file and exit, navigate to /etc/openvpn/easy-rsa/ directory
cp openssl-1.0.0.cnf openssl.cnf
>>> This will generateCA certificateand CA key.Next createa certificate and key using the command
>>> Create certificate and key for VPN clients using the following command
>>> The keys and certificates will be generated in the directory /etc/openvpn/easy-rsa/keys/.
Copy the files to the directory /etc/openvpn/
VPN server Configuration.
Copy the file server.conffile to directory /etc/openvpn/
>>> Find and uncomment the following lines in the file
push”redirect-gateway def1 bypass-dhcp”
push”dhcp-option DNS 184.108.40.206″
push”dhcp-option DNS 220.127.116.11″
>>> Save and close
>>> Copy the file client.conffile to /root/ (This file should be neededtolater copying to the VPN clients)
>>> Add the VPN server IP address
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 192.0.2.100 1194
Save and close.
>>> Copy this file to your VPN client machine.
Lastly, Start the OpenVPN service using the following commands
Install OpenVPN package by the following command
yum install openvpn
Start the OpenVPN client service by the commands
service openvpn start
>>> Check the tun0 interface is created by the command
>>> On successful completion the VPN server will automatically assign an IP address to the VPN client.
Check if you can ping your VPN server from client systems