March 31, 2008

VPN Configuration – OpenVPN

This OpenVPN configuration uses SSL mode.

1. Download OpenVPN from http://openvpn.org.

2. The installation is run from the console.

3. Type make and make install, then go to the easy-rsa directory and type:
export D=/etc/openvpn
export KEY_CONFIG=$D/openssl.cnf
export KEY_DIR=$D/keys
export KEY_SIZE=1024
export KEY_COUNTRY=ID
export KEY_PROVINCE="Province"
export KEY_CITY="Your City"
export KEY_ORG="[Your Organization]"
export KEY_EMAIL="Your Email"
export KEY_COMMON="[Your Host]"

4. Copy openssl.cnf from the easy-rsa directory to /etc/openvpn.

5. Run “./clean-all” from the easy-rsa directory.

6. Run “./build-ca”.

7. Run “./build-key-server server”.

8. Run “./build-key client” and then “./build-key client2”, and so on, depending on how many clients will connect to your VPN server.

9. Run “./build-dh”.

10. Create the file /etc/openvpn/server.conf:

port [TCP or UDP port for tunneling, ex : 1234]
proto [UDP/TCP]
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
server [network & subnet for client, ex:192.168.0.0 255.255.255.0]
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 2
dev tun
push "[Route of IP, ex: route 202.155.0.0 255.255.255.0]"
keepalive 10 120
comp-lzo

11. For each client, copy the generated “ca.crt”, “client.key” and “client.crt” files to the client.
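
A lint pass for the filled-in server.conf from step 10, as an added example that is not part of the original post. It flags bracketed template text left in place, an out-of-range port, a server network that does not align with its netmask, and DH parameters under 2048 bits (step 3's KEY_SIZE=1024 produces dh1024.pem, which is below the 2048-bit minimum in current guidance). The function name check_server_conf and the sample values are assumptions made for this example.

```shell
#!/bin/sh
# Added example: lint a filled-in server.conf shaped like the one in step 10.
# Prints one finding per line; prints nothing when every check passes.
check_server_conf() {
    awk '
    function ip2int(s,   o) {             # dotted quad -> integer, -1 if malformed
        if (s !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return -1
        split(s, o, ".")
        if (o[1] > 255 || o[2] > 255 || o[3] > 255 || o[4] > 255) return -1
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    /^[ \t]*[#;]/ || NF == 0 { next }     # skip comments and blank lines
    /\[.*\]/ {                            # template text such as "[UDP/TCP]"
        printf "line %d: placeholder not replaced: %s\n", NR, $0; next
    }
    $1 == "port" && ($2 !~ /^[0-9]+$/ || $2 < 1 || $2 > 65535) {
        printf "line %d: port must be 1-65535\n", NR
    }
    $1 == "dh" && match($2, /dh[0-9]+\.pem$/) {
        # easy-rsa names the file dh<KEY_SIZE>.pem, so the name shows the size
        bits = substr($2, RSTART + 2, RLENGTH - 6) + 0
        if (bits < 2048)
            printf "line %d: %d-bit DH parameters; rebuild with KEY_SIZE=2048 or larger\n", NR, bits
    }
    $1 == "server" {
        net = ip2int($2); mask = ip2int($3)
        if (net < 0 || mask < 0) {
            printf "line %d: server needs <network> <netmask>\n", NR; next
        }
        hosts = 4294967296 - mask         # number of addresses the netmask covers
        for (h = hosts; h > 1 && h % 2 == 0; h = h / 2) ;
        if (h != 1)                       # a contiguous mask covers a power of two
            printf "line %d: netmask %s is not contiguous\n", NR, $3
        else if (net % hosts != 0)
            printf "line %d: %s has host bits set for netmask %s\n", NR, $2, $3
    }
    ' "$1"
}

# Constructed sample: the step 10 file with example values filled in.
sample=$(mktemp)
cat > "$sample" <<'EOF'
port 1234
proto udp
dh /etc/openvpn/keys/dh1024.pem
server 192.168.0.10 255.255.255.0
EOF
check_server_conf "$sample"
rm -f "$sample"
```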
