If your VPS Hosting has plesk panel, then you can install and use the openvpn module provided by plesk via the plesk gui. If you have cpanel/directadmin/webmin, use the following:
Part 1:
Login to your VPS Hosting via ssh as root:
1.Download openvpn and save it to a folder,say, /etc/openvpn
wget http:// openvpn.net/release/openvpn-2.0.tar.gz (Please download latest stable version available)
Download it to local machine too.
2.Check the file release signature:
md5sum openvpn-2.0.tar.gz //and check its the same as in http:// openvpn.net/sig.html
3.tar -xvzf openvpn-2.0.tar.gz
cd openvpn-2.0
./configure
If it gives the error:
“LZO library and headers not found.
LZO library available from www. oberhumer.com/opensource/lzo
configure: error: Or try ./configure –disable-lzo”
download lzo:
cd ..
wget www. oberhumer.com/opensource/…zo-1.08.tar.gz
tar -xvzf lzo-1.08.tar.gz
cd lzo-1.08
./configure
make
make check
make test
make install
cd ../openvpn-2.0
./configure
make
make install
* We are using the routing method. (Refer http:// openvpn.net/howto.html#vpntype for details)
4. Generate a master CA certificate/key, a server certificate/key, and certificates/keys for clients:
On server:
cd easy-rsa/ (folder inside openvpn source dir)
. ./vars
./clean-all
a) ./build-ca //Give the details it asks for
b) ./build-key-server server //Give the details it asks for & yes for both qns.
c) ./build-key client1 //where client1 is the ‘common name’ you wish to give for first client. Give same details as above for rest of it
* If you plan to use more than one client, you need to repeat 4.c step for each client differentiated by the client name (client1, client2, client3 etc) and copy respective key/crt to the client machines
d) ./build-dh
ls keys
5. On server:
cd ../sample-config-files/
vi server.conf //Give the path to the key,ca,cert and dh, rest should be fine with default values. 10.8.0.1 will be the default IP used by server and subsequent ips will be given to connecting clients.
6. Make sure port 1194 is open on the server/ve firewall, if any.
7. On server start openvpn from source dir:
./openvpn sample-config-files/server.conf
should read “Initialization Sequence Completed” towards the end
Part 2: (Use this if your home/office computer is a linux/unix machine)
On local/client machine: (linux/*nix)
(Naming this client client1)
1.Install openvpn package (Repeat steps 1 to 3 of Part1)
2.Copy over client1.key, client1.crt and ca.crt from server to client1 machine.
3. Find sample-config-files/client.conf and edit it,
Give path to the clientkey,cleint cert and ca.crt on the client1 machine
Edit the ‘remote’ directive to point to the hostname/IP address and port number of the OpenVPN server
eg:
remote 204.157.7.143 1194
ca /root/openvpn/openvpn-2.0/easy-rsa/keys/ca.crt
cert /root/openvpn/openvpn-2.0/easy-rsa/keys/client1.crt
key /root/openvpn/openvpn-2.0/easy-rsa/keys/client1.key
Start openvpn from source dir:
./openvpn sample-config-files/client.conf
should read “Initialization Sequence Completed” towards the end too.
If it throws up some error about the certificate/key, run:
openssl verify -CAfile ca.crt -purpose sslclient client1.crt //To verify the cert
It should output:
client1.crt: OK
if everything is okay.
Also it might need both server and client to have the same date/time/timezone setup.
Part 3: ((Use this if your home/office computer is a windows machine)
Now for a windows client:
(Naming this client “client2” )
Install openvpn:
1. download openvpn package(includes openvpn+openvpn gui) for windows from
http:// openvpn.se/files/install_pack….0-install.exe
Run the install program.
2.Then copy client2.key, client2.crt and ca.crt from openvpn server to client2 machine.
(You need to create a cert/key for this client as well using step 4.c above)
3. Go to Start -> programs -> openvpn -> openvpn sample configuration files folder
and edit the client.ovpn file with notepad:
Give path to the clientkey,cleint cert and ca.crt on the client2 machine
Edit the ‘remote’ directive to point to the hostname/IP address and port number of the OpenVPN server
eg. remote 204.157.7.143 1194
ca C:\Program Files\ca.crt
crt C:\Program Files\client2.crt
key C:\Program Files\client2.key
and save the file.
4. Right click on client.ovpn -> Start OpenVPN on this config file
should read “Initialization Sequence Completed” towards the end
which means an openvpn connection has been setup.
Once running in this fashion, several keyboard commands are available:
F1 — Conditional restart (doesn’t close/reopen TAP adapter)
F2 — Show connection statistics
F3 — Hard restart
F4 — Exit
When OpenVPN GUI is started from Start -> programs -> openvpn -> openvpn GUI, an icon will be displayed in the taskbar’s
status area.
For details about openvpn installation, configuration and advanced usage, please refer:
http:// openvpn.net/howto.html
http:// openvpn.se/install.txt
http:// openvpn.se/install.txt