Setup OpenVPN Client in Linux
I needed to install OpenVPN(open source virtual private network) in my Linux machine to be able to access our staging server. OpenVPN allows you to establish a secure point to point access to network resources and services.
OpenVPN can be used in two ways – Server and Client. OpenVPN server is the system that you wish to use as VPN end-point or the one you want to access. In my case what I needed to do is to install OpenVPN as client or the one making a service request.
1. Install OpenVPN using terminal:
sudo apt-get install openvpn
2. Create client configuration file in /etc/openvpn
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn
3. Setup client config file, server keys and certificates in /etc/openvpn folder (in my case our client sent these files generated from the server)
4. Edit client configuration file (client.conf) based on above directory
# example client config file
remote [server] 1194
tls-auth /etc/openvpn/keys/ta.key 1
keepalive 10 60
5. Go to /etc/openvpn folder and start the OpenVPN
exist@exist:/etc/openvpn$ sudo openvpn client.conf
Mon Apr 23 13:44:43 2012 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Mon Apr 23 13:44:43 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Apr 23 13:44:50 2012 [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xx.xxx:1194
Mon Apr 23 13:44:52 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Apr 23 13:44:53 2012 TUN/TAP TX queue length set to 100
Mon Apr 23 13:44:53 2012 /sbin/ifconfig tun0 10.8.1.190 pointopoint 10.8.1.189 mtu 1500
Mon Apr 23 13:44:53 2012 /sbin/route add -net 192.168.3.0 netmask 255.255.255.0 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 /sbin/route add -net 10.3.0.0 netmask 255.255.0.0 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 /sbin/route add -net 10.8.1.1 netmask 255.255.255.255 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 Initialization Sequence Completed
There you go! By this time, you should be able to access the application you want to test 🙂 However in our case we needed to setup the IP address of the server that we are trying to gain access in our hosts file. From the terminal, we type:
[user]@exist:~$ sudo su -
[sudo] password for [user]: [input password]
root@[user]:~# vi /etc/hosts
Then input the IP address and the corresponding name of the web server we are trying to access at the end of the line.