OpenVPN Setup

From philcrump.co.uk
Jump to: navigation, search

Issue New Client Key

cd /etc/openvpn/easy-rsa/
source vars
./build-key client1

This creates the files 'client1.crt', and 'client1.key' in '/etc/openvpn/easy-rsa/keys/'.

These two files along with 'ca.crt' should be copied into a new directory in '/root/vpnkeys/'. You can then generate a tarball of the new directory for distribution to the client machine.

Client Guide

Reference: Official 12.04 OpenVPN Guide

Do not use NetworkManager-OpenVPN, it appears to mess with the routing in a way that I can't work out how to fix.

sudo apt-get install openvpn

Unpack your key bundle into /etc/openvpn/

Then copy the below file to /etc/openvpn/client.conf and edit the cert and key entries for the filenames from your key bundle: (can also use 178.79.188.82 for clients that may not have working dns)

client
dev tun
proto udp
remote philcrump.co.uk 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
# Put your filenames here:
cert client.crt
key client.key
# ^^^^
ns-cert-type server
cipher AES-128-CBC
comp-lzo
verb 3

Start the Client and you'll quickly be connected! Use the following command to stop the Client.

sudo service openvpn start
...
sudo service openvpn stop