Home > qa tools, technology, ubuntu > Setup OpenVPN Client in Linux

Setup OpenVPN Client in Linux

I needed to install OpenVPN(open source virtual private network) in my Linux machine to be able to access our staging server. OpenVPN allows you to establish a secure point to point  access to network resources and services.

OpenVPN can be used in two ways – Server and Client. OpenVPN server is the system that you wish to use as VPN end-point or the one you want to access. In my case what I needed to do is to install OpenVPN as client or the one making a service request.

1. Install OpenVPN using terminal:

sudo apt-get install openvpn

2. Create client configuration file in /etc/openvpn

sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn

3. Setup client config file, server keys and certificates in /etc/openvpn folder (in my case our client sent these files generated from the server)

/etc/openvpn/client.conf
/etc/openvpn/keys/ca.crt
/etc/openvpn/keys/hostname.crt
/etc/openvpn/keys/hostname.key
/etc/openvpn/keys/ta.key

4. Edit client configuration file (client.conf) based on above directory

# example client config file
client
remote [server] 1194
dev tun
proto udp

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/hostname.crt
key /etc/openvpn/keys/hostname.key
ns-cert-type server
tls-auth /etc/openvpn/keys/ta.key 1

comp-lzo
keepalive 10 60
ping-timer-rem
persist-key
persist-tun

verb 3

5. Go to /etc/openvpn folder and start the OpenVPN

exist@exist:/etc/openvpn$ sudo openvpn client.conf
Mon Apr 23 13:44:43 2012 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Mon Apr 23 13:44:43 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
...
Mon Apr 23 13:44:50 2012 [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xx.xxx:1194
Mon Apr 23 13:44:52 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
...
Mon Apr 23 13:44:53 2012 TUN/TAP TX queue length set to 100
Mon Apr 23 13:44:53 2012 /sbin/ifconfig tun0 10.8.1.190 pointopoint 10.8.1.189 mtu 1500
Mon Apr 23 13:44:53 2012 /sbin/route add -net 192.168.3.0 netmask 255.255.255.0 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 /sbin/route add -net 10.3.0.0 netmask 255.255.0.0 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 /sbin/route add -net 10.8.1.1 netmask 255.255.255.255 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 Initialization Sequence Completed

There you go! By this time, you should be able to access the application you want to test 🙂 However in our case we needed to setup the IP address of the server that we are trying to gain access in our hosts file. From the terminal, we type:

[user]@exist:~$ sudo su -
[sudo] password for [user]: [input password]
root@[user]:~# vi /etc/hosts

Then input the IP address and the corresponding name of the web server we are trying to access at the end of the line.

Advertisements
  1. Junn G
    September 12, 2012 at 12:56 pm

    Thank you for this girlie! w2gi mode! 🙂

  2. September 17, 2012 at 7:15 pm
  3. October 17, 2012 at 7:56 am

    wow nice post junn 🙂 #keepblogging

  1. September 17, 2012 at 7:14 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: