OpenVPN on Centos 6

From vpsget wiki
Revision as of 16:35, 21 April 2016 by Vq (talk | contribs)
Jump to: navigation, search

Tested on Centos 6.7 and OpenVPN 2.3.10

Install Epel repository

yum install epel-release

Install dependencies and the OpenVPN

yum install wget nano unzip openvpn
cd /etc/openvpn/
wget https://github.com/OpenVPN/easy-rsa/archive/master.zip
unzip master.zip
cp -R easy-rsa-master/easyrsa3 server
cd server
./easyrsa init-pki
./easyrsa build-ca
./easyrsa gen-req server nopass
./easyrsa sign-req server server
./easyrsa gen-dh
cp /etc/openvpn/server/pki/ca.crt /etc/openvpn/
cp /etc/openvpn/server/pki/issued/server.crt /etc/openvpn/
cp /etc/openvpn/server/pki/dh.pem /etc/openvpn/
cp /etc/openvpn/server/pki/private/server.key /etc/openvpn/

Generate client

cp -R /etc/openvpn/easy-rsa-master/easyrsa3 /etc/openvpn/client1
cd /etc/openvpn/client1/
./easyrsa init-pki
./easyrsa gen-req client1 nopass
cd /etc/openvpn/server
./easyrsa import-req /etc/openvpn/client1/pki/reqs/client1.req client1
./easyrsa sign-req client client1

Enable forwarding

nano /etc/sysctl.conf

Set the following value:

net.ipv4.ip_forward = 1

Save the file and apply the changes:

sysctl -p

Add firewall rules. Note: change venet0 to your actual interface.

iptables -A FORWARD -i tun+ -o venet0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j MASQUERADE
iptables-save >/etc/sysconfig/iptables
service iptables restart

Create openvpn conf file

nano /etc/openvpn/server.conf
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Start OpenVPN daemon:

service openvpn start
chkconfig openvpn on
chkconfig iptables on

The files you will need on a client side:

/etc/openvpn/client1/pki/private/client1.key
/etc/openvpn/server/pki/issued/client1.crt
/etc/openvpn/server/pki/ca.crt

How to configure OpenVPN client on Windows

Also refer to this guide if you would like to install double vpn




>>Get OpenVPN Ready2Go VPS. $5.95 p/m 512RAM,20GB SAS,2Tb, Netherlands, EU
   remember to enable TUN/TAP in SolusVM CP after you got access.