Anyway what is openvpn?
Okay, let's begin.
First off all install CentOS on your vps, here i'm using SolusVM for OS install and choose CentOS 5.5
I'm using CentOS 5.5 because TUN/TAP is not available in CentOS 32bit and x86. Okay, the installation will be finish in approximately 30 minutes, after finished now login to root using ssh.
Before we're going to install OPENVPN, check your TUN/TAP whether it is active or not, if it's not you can try to install another CentOS or contact your vps provider to activate TUN/TAP.
if you're TUN/TAP status is like that, then your TUN/TAP is ready, otherwise it's not.
Now we're begin the installation, first of all install gcc and make.
#yum install gcc make
Download package for OPENVPN
Download repository for OPENVPN
if you're using 32bit version
if you're using 64bit version
you can check your server architecture with:
Install package needed for OPENVPN
#yum install rpm-build
#yum install autoconf.noarch
#yum install zlib-devel
#yum install pam-devel
#yum install openssl-devel
Install the downloaded rpm package and add the repository to your CentOS
#rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
#rpm -Uvh /usr/src/redhat/RPMS/x86_64/lzo-*.rpm
#rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
note: check your architecture engine, if you're using 32bit then change "x86_64" to "i386"
#yum install openvpn
Copy the folder for creating certificate to directory /etc/openvpn/
#cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
Now let's create the certificate
#chmod 755 *
you'll be asked to fill the field data, you can empty that with click enter repeatedly, but the one you have to fill is the "Common Name" field.
Build Key Server
same as build-ca, but in the "Common Name" fill with: server
Build Diffie Hellman
Building certificate done, now we create the configuration file in the directory /etc/openvpn
you can also use vi or pico editor to create the configuration file
Here is the example of configuration file.
local 184.108.40.206 #- change it with your server ip address
port 1234 #- change the port you want
proto udp #- protocol can be tcp or udp
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
server 220.127.116.11 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 18.104.22.168"
push "dhcp-option DNS 22.214.171.124"
keepalive 5 30
Now start the OPENVPN
if the status is Initialization Sequence Completed then your OPENVPN is ready.
Now we're enabling ip forward and create NAT iptables rules so we can access the internet with OPENVPN server.
#echo 1 > /proc/sys/net/ipv4/ip_forward
If you're using VPS:
#iptables -t nat -A POSTROUTING -s 126.96.36.199/24 -j SNAT --to 188.8.131.52
If you're using Dedicated Server:
#iptables -t nat -A POSTROUTING -s 184.108.40.206/24 -o eth0 -j MASQUERADE
Install process is done, now create user for you OPENVPN.
#useradd username -s /bin/false
to delete existing user, you can use
Now go to your OPENVPN GUI config folder and create client configuration file. This is the example for client configuration.
remote 220.127.116.11 4567 #- your OPENVPN server ip and port
save the configuration with filename.ovpn.
And the last thing you have to do is download ca.crt file in directory /etc/openvpn/easy-rsa/2.0/keys to your PC and save to the OPENVPN GUI config folder.
Your OPENVPN is ready!
if you want to test OPENVPN, here's the config file:
rar pass: vpn4free.org