How To Install OpenVPN on CentOS
Create your own VPN in 15 minutes
Tested on: https://arionvps.com/billing/cart.php?a=add&pid=1
XenVps025: RAM - 256 MB, HDD - 10 GB, Location - USA, 6 USD/mo
Operating System - CentOS 5.3-x86
Software that will be needed:
PuTTY - free SSH client for Windows: putty.org
WinSCP - free SFTP and FTP client for Windows, for easy file copying: winscp.net
#cat /dev/net/tun
"cat: /dev/net/tun: File descriptor in bad state"
*Note: "File descriptor in bad state" means tun/tap is active; otherwise, ask your provider to activate it.
#yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel
#wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
For 32-bit:
#wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
For 64-bit:
#wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
Build the rpm packages
#rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
#rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
#rpm -Uvh rpmforge-release-0.5.2-2.el5.rf.i386.rpm
*Note: remember to change i386 to x86_64 if you're using 64-bit
Install OpenVPN
#yum install openvpn
Create the certificate
#cp -R /usr/share/doc/openvpn-2.2.2/easy-rsa/ /etc/openvpn/
*Note: the version may differ; check the name of the "openvpn-2.2.2" folder
#cd /etc/openvpn/easy-rsa/2.0
#chmod 755 *
#source ./vars
#./vars
#./clean-all
#./build-ca
Country Name (2 letter code) [US]: fill in or press Enter
State or Province Name (full name) [CA]: fill in or press Enter
Locality Name (eg, city) [SanFrancisco]: fill in or press Enter
Organization Name (eg, company) [Fort-Funston]: fill in or press Enter
Organizational Unit Name (eg, section) [changeme]: fill in or press Enter
Common Name (eg, your name or your server's hostname) [changeme]: vpn
Name [changeme]: fill in or press Enter
Email Address [mail@host.domain]: fill in or press Enter
*Note: Common Name must be filled in
#./build-key-server server
fill in or press Enter
*Note: Common Name: server
A challenge password: Enter
Optional company name: Enter
sign the certificate: y
1 out of 1 certificate requests: y
#./build-dh
Create the client key:
#chmod +x build-key
#./build-key client
fill in or press Enter
Common Name (eg, your name or your server's hostname) [client]: client
*Note: Common Name: client1, client2, ...
#openvpn --genkey --secret keys/ta.key
Copy the files "ca.crt, dh1024.pem, server.crt, server.key, ta.key" to /etc/openvpn/keys
#mkdir /etc/openvpn/keys
#cd /etc/openvpn/keys
#cp /etc/openvpn/easy-rsa/2.0/keys/ca.crt .
#cp /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem .
#cp /etc/openvpn/easy-rsa/2.0/keys/server.crt .
#cp /etc/openvpn/easy-rsa/2.0/keys/server.key .
#cp /etc/openvpn/easy-rsa/2.0/keys/ta.key .
Create server.conf and copy it to /etc/openvpn/
port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
server 10.10.10.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 4.2.2.1"
mode server
client-config-dir ccd
tls-server
tls-auth /etc/openvpn/keys/ta.key 0
auth SHA512
cipher BF-CBC
keepalive 10 120
comp-lzo
max-clients 10
persist-key
persist-tun
verb 3
#chkconfig openvpn on
#modprobe tun
#echo "1" > /proc/sys/net/ipv4/ip_forward
Edit /etc/sysctl.conf
Find
net.ipv4.ip_forward = 0
and replace it with
net.ipv4.ip_forward = 1
Route iptables
#/sbin/iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -j SNAT --to-source IPVPSSERVER
*Note: replace IPVPSSERVER with the IP address of your VPS server
#mkdir /etc/iptables
#/sbin/iptables-save > /etc/iptables/rules
#echo "/sbin/iptables-restore < /etc/iptables/rules" >> /etc/rc.d/rc.local
#reboot
All ready!
Copy the key files from the server to C:\Program Files\OpenVPN\config
ca.crt
client.crt
client.key
ta.key
Create client.ovpn
client
dev tun
proto udp
remote IPVPSSERVER 1194
nobind
resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
tls-client
tls-auth ta.key 1
auth SHA512
cipher BF-CBC
ns-cert-type server
comp-lzo
persist-key
persist-tun
verb 3
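Added example (not part of the original guide): a POSIX shell check that server.conf and client.ovpn agree on the directives that must match on both ends, and that flags the BF-CBC cipher and the 1024-bit DH file used above. The function names and the abridged sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide. Function names are
# illustrative; the sample files are constructed (abridged from the guide).

# opt FILE KEY: arguments of the first KEY directive
# ("on" for a bare flag such as comp-lzo, "-" if the directive is absent).
opt() {
    awk -v k="$2" '
        $1 == k { $1 = ""; sub(/^ +/, ""); print ($0 == "" ? "on" : $0); f = 1; exit }
        END     { if (!f) print "-" }' "$1"
}

# audit_pair SERVER_CONF CLIENT_CONF: one finding per line, status 1 if any.
audit_pair() {
    srv=$1; cli=$2; bad=0
    # These directives must agree on both ends of the tunnel.
    for k in proto dev cipher auth comp-lzo; do
        s=$(opt "$srv" "$k"); c=$(opt "$cli" "$k")
        [ "$s" = "$c" ] || { echo "MISMATCH $k: server=$s client=$c"; bad=1; }
    done
    # tls-auth key direction is complementary: 0 on the server, 1 on the client.
    sdir=$(opt "$srv" tls-auth | awk '{ print $NF }')
    cdir=$(opt "$cli" tls-auth | awk '{ print $NF }')
    [ "$sdir" = 0 ] && [ "$cdir" = 1 ] ||
        { echo "MISMATCH tls-auth direction: server=$sdir client=$cdir"; bad=1; }
    # BF-CBC has a 64-bit block; easy-rsa 2.0 names the DH file dh<bits>.pem.
    [ "$(opt "$srv" cipher)" != BF-CBC ] ||
        { echo "WEAK cipher BF-CBC (64-bit block)"; bad=1; }
    bits=$(opt "$srv" dh | sed -n 's/.*dh\([0-9][0-9]*\)\.pem$/\1/p')
    [ -z "$bits" ] || [ "$bits" -ge 2048 ] ||
        { echo "WEAK dh: $bits-bit parameters"; bad=1; }
    return "$bad"
}

# Run the audit on constructed copies of the guide's relevant directives.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'proto udp' 'dev tun' 'dh /etc/openvpn/keys/dh1024.pem' \
        'tls-auth /etc/openvpn/keys/ta.key 0' 'auth SHA512' 'cipher BF-CBC' \
        'comp-lzo' > "$d/server.conf"
    printf '%s\n' 'dev tun' 'proto udp' 'tls-auth ta.key 1' 'auth SHA512' \
        'cipher BF-CBC' 'comp-lzo' > "$d/client.ovpn"
    rc=0; audit_pair "$d/server.conf" "$d/client.ovpn" || rc=1
    rm -rf "$d"; return "$rc"
}

demo || echo "Findings listed above."
```

On a real installation, call audit_pair with /etc/openvpn/server.conf and a copy of the client.ovpn file.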