Some users are interested in creating a private virtual network between two computers. This is done using VPN (Virtual Private Network) technology. The connection is implemented with public or private utilities and programs. Once all components have been installed and configured, the procedure can be considered complete and the connection is protected. Below we discuss in detail how to implement this technology using the OpenVPN client on an operating system based on the Linux kernel.
Install OpenVPN on Linux
Since most users run Ubuntu-based distributions, today's instructions are based on those versions. On other distributions you will not notice a fundamental difference in installing and configuring OpenVPN, apart from the distribution's own command syntax, which you can read about in the official documentation for your system. We suggest going through the entire process step by step to better understand each action.
Keep in mind that OpenVPN operates between two hosts (a computer or a server), which means that installation and configuration apply to every participant in the connection. This guide focuses on working with just two sources.
Step 1: Install OpenVPN
Of course, you should start by adding all the required libraries to the computers. Be prepared: the task is carried out solely in the operating system's built-in "Terminal".
Type sudo apt install openvpn easy-rsa to install all the needed packages. After that press Enter.
Proceed to the next step only once the installation has been completed on both devices.
Step 2: Create and configure a certification authority
The certification authority is responsible for verifying public keys and provides strong encryption. It is created on the device to which other users will then connect, so open a console on the desired PC and follow these steps:
sudo mkdir /etc/openvpn/easy-rsa, where /etc/openvpn/easy-rsa is the location of the directory to create.
sudo cp -R /usr/share/easy-rsa /etc/openvpn/
# source ./vars
For now the server computer can be left alone; move on to the client devices.
Step 3: configure the client certificates
The instructions below must be carried out on each client computer in order to set up a properly functioning secure connection.
sudo cp -R /usr/share/easy-rsa /etc/openvpn/ to copy all the required tool scripts.
sudo scp [email protected]:/etc/openvpn/easy-rsa/keys/ca.crt /etc/openvpn/easy-rsa/keys, where [email protected] is the address of the device from which you are downloading.
# source ./vars
# ./build-req Lumpics
Lumpics here is the chosen file name. The generated key must be in the same directory as the rest of the keys.
scp /etc/openvpn/easy-rsa/keys/Lumpics.csr [email protected]:~/, where [email protected] is the name of the computer to send to and Lumpics.csr is the name of the key file.
./sign-req ~/Lumpics, where Lumpics is the name of the file. Then return the document back with
sudo scp [email protected]:/home/Lumpics.crt /etc/openvpn/easy-rsa/keys
This completes all the preliminary work. It remains only to bring OpenVPN itself into a working state, and then you can begin using a private encrypted connection with one or more clients.
Step 4: Configuring OpenVPN
The following guide covers both the client part and the server part. We will split the actions between them and warn you when the machine changes, so you just need to follow these instructions.
zcat /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/server.conf
When configuring client devices, this file will also have to be created separately.
sudo nano /etc/openvpn/server.conf
server 10.8.0.0 255.255.255.0
After you have made all the changes, save the settings and close the file.
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/client.conf
remote 188.8.131.52 1194
tls-auth ta.key 1
After editing is complete, launch OpenVPN:
Run ifconfig to verify that the system is working. The tun0 interface must be present among the displayed values.
To forward traffic and open Internet access for all clients, run the following commands one after another on the server PC.
sysctl -w net.ipv4.ip_forward=1
iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
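The rules above accept all forwarding between tun0 and eth0 in both directions and masquerade everything that leaves eth0. As an added example (not part of the original article), the shell function below prints a narrower set limited to the VPN subnet from server.conf, with return traffic allowed only for established connections. The CIDR form 10.8.0.0/24 and the function name vpn_fw_rules are assumptions.

```shell
#!/bin/sh
# Added example (not from the article): print a scoped variant of the rules.
# Assumptions: the "server 10.8.0.0 255.255.255.0" subnet written as CIDR
# (10.8.0.0/24); vpn_fw_rules is a hypothetical helper name.

# vpn_fw_rules SUBNET TUN_IF WAN_IF PORT
# Prints iptables commands for review; nothing is applied to the firewall.
vpn_fw_rules() {
    subnet=$1 tun=$2 wan=$3 port=$4

    # Refuse any character that could add extra shell words to the output.
    case "$subnet$tun$wan$port" in
        *[!A-Za-z0-9_./-]*) echo "illegal character in argument" >&2; return 1 ;;
    esac
    # Shape checks only: octet and prefix ranges are not validated here.
    printf '%s\n' "$subnet" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || {
        echo "bad subnet: $subnet" >&2; return 1; }
    for ifname in "$tun" "$wan"; do
        printf '%s\n' "$ifname" | grep -Eq '^[A-Za-z0-9_.-]{1,15}$' || {
            echo "bad interface: $ifname" >&2; return 1; }
    done
    printf '%s\n' "$port" | grep -Eq '^[0-9]{1,5}$' \
        && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "bad port: $port" >&2; return 1; }

    # Line 1: accept the OpenVPN port only on the outward-facing interface.
    # Line 2: forward outbound traffic only when it comes from the VPN subnet.
    # Line 3: let replies back in only for connections the clients opened.
    # Line 4: masquerade only the VPN subnet, not everything leaving $wan.
    cat <<EOF
iptables -A INPUT -i $wan -p udp --dport $port -j ACCEPT
iptables -I FORWARD -i $tun -o $wan -s $subnet -j ACCEPT
iptables -I FORWARD -i $wan -o $tun -d $subnet -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s $subnet -o $wan -j MASQUERADE
EOF
}

# Print the rules for the article's values so they can be reviewed first.
vpn_fw_rules 10.8.0.0/24 tun0 eth0 1194
```

The function only prints the commands; run the printed lines as root once they match your interface names.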
In today's article, you were introduced to the procedure for installing and configuring OpenVPN on the server and client side. I advise you to pay attention to the notifications shown in the "Terminal" and to examine the error codes if they appear. Doing so will help you avoid further problems with the connection, because resolving problems promptly prevents other problems from arising.