How to Install OpenVPN on CentOS VPS

 

OpenVPN is an open source virtual private network (VPN) software. Follow the steps below to configure OpenVPN on CentOS:

1. Install dependencies:

# yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel

 

2. Get OpenVPN:

# wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm

# wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

 

3. Prepare to install:

# rpmbuild --rebuild lzo-1.08-4.rf.src.rpm

# rpm -Uvh /usr/src/redhat/RPMS/x86_64/lzo-*.rpm

# rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

 

4. Install OpenVPN:

# yum install openvpn

 

5. Copy the OpenVPN directory:

# cp -r /usr/share/doc/openvpn-2.2.0/easy-rsa/ /etc/openvpn/

 

6. Build SSL keys. When prompted for key information, you can simply press enter to bypass:

#cd /etc/openvpn/easy-rsa/2.0

#chmod 755 *

#source ./vars

#./vars

#./clean-all

#./build-ca

#./build-key-server server

#./build-dh

 

7. Create the OpenVPN config:

# cd /etc/openvpn

# vi server.conf

 

Copy the following sample config into the document, edit the IP address and port to your main IP address and desired port, then press ESC, then :wq and enter to save and exit the document.

 

local 123.123.123.123 #- change it with your server ip address

port 1234 #- change the port you want

proto udp #- protocol can be tcp or udp

dev tun

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt

cert /etc/openvpn/easy-rsa/2.0/keys/server.crt

key /etc/openvpn/easy-rsa/2.0/keys/server.key

dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login

client-cert-not-required

username-as-common-name

server 10.8.0.0 255.255.255.0

push "redirect-gateway def1"

push "dhcp-option DNS 208.67.222.222"

push "dhcp-option DNS 4.2.2.1"

keepalive 5 30

comp-lzo

persist-key

persist-tun

status server-tcp.log

verb 3

 

8. Start OpenVPN:

# openvpn /etc/openvpn/server.conf

Check that it returns "Initialization Sequence Completed." If so, press ctrl-c to quit.

 

9. Setup NAT rules:

# echo 1 > /proc/sys/net/ipv4/ip_forward

# iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 0.0.0.0

(Modify "0.0.0.0" to your server's IP)

 

Create a user to login to the VPN with:

#useradd username -s /bin/false

#passwd username

 

10. Create an OpenVPN config file on your local machine with name vpn1.ovpn, copy the sample below with your IP and port, and place it in your OpenVPN configurations folder:

client

dev tun

proto udp

remote 123.123.123.123 4567 #- your OPENVPN server ip and port

resolv-retry infinite

nobind

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

persist-key

persist-tun

ca ca.crt

auth-user-pass

comp-lzo

verb 3

 

11. Download ca.crt from /etc/openvpn/easy-rsa/2.0/keys to the same OpenVPN configs folder.

12. Start the VPN on the VPS:

# openvpn /etc/openvpn/server.conf

 

Log in to the VPN from your local machine (using OpenVPN or another desktop client) with the username/password you created.

 


Was this answer helpful?

 Print this Article

Also Read

How to Install Nginx with Yum on a CentOS VPS

Nginx (pronounced engine-x) is a free, open-source, high-performance HTTP server and reverse...

How to Setup Ruby on Rails on a CentOS or Fedora VPS

This tutorial will walk you through the setup of a basic Ruby on Rails environment, including:...

Installing htop on a CentOS VPS

If you want to install ‘htop’ (a very good Linux process viewer) onto a server...

How to Install VNC with GNOME Desktop on a Debian VPS

NOTE: Bitronic Technologies come pre-configured for VNC access, just click Product...

How to Install a Minecraft Server on a CentOS VPS

This tutorial will go over how to setup a minecraft server on a CentOS VPS. Bitronic Technologies...