Tuesday, August 14, 2018

OpenVPN configuration for server and multiple clients

This is a simple post showing a basic configuration for setting up OpenVPN server accepting multiple clients with TLS.

First of all generate self-signed server and client private key and certificates, and dh params. Make sure to write the Organization Name AND Common Name (CN) when asked, otherwise openvpn will fail to verify the certificates.

openssl req -newkey rsa:2048 -nodes -keyout serverkey.pem -x509 -days 365000 -out servercert.pem
openssl req -newkey rsa:2048 -nodes -keyout clientkey.pem -out client.csr
openssl x509 -req -days 365000 -in client.csr -CA servercert.pem -CAkey serverkey.pem -set_serial 01 -out clientcert.pem
openssl dhparam -outform PEM -out dh.pem 1024

Server configuration:

dev tun
mode server
ca servercert.pem
cert servercert.pem
key serverkey.pem
dh dh.pem
topology subnet
keepalive 10 60

If you plan to use the server as gateway like configured below, don't forget to enable IP forwarding and masquerading:

sysctl net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s -j MASQUERADE

Client configuration:

key clientkey.pem
cert clientcert.pem
ca servercert.pem
keepalive 10 60
dev tun

Have fun, tune as needed.


Robotic Process Automation Tutorial said...

Thanks for such a great article here. I was searching for something like this for quite a long time and at last I’ve found it on your blog. It was definitely interesting for me to read about their market situation nowadays. Well written article Thank You for Sharing with Uspmp training in chennai | pmp training institute in chennai | pmp training centers in chennai| pmp training in velachery | pmp training near me | pmp training courses online

amsa leka said...

Hey, Wow all the posts are very informative for the people who visit this site. Good work! We also have a Website. Please feel free to visit our site. Thank you for sharing. Well written article Thank You for Sharing with Us pmp training institute in chennai | pmp training in chennai project management training certification | project management training in chennai | project management certification online |

jaya devan said...

You are doing a great job. I would like to appreciate your work for good accuracy
best selenium training institute in chennai

institute of marketing said...

Nice post.Thanks for sharing such a amazing post with us and keep blogging
Digital Marketing course in Bangalore fees