How to Install OpenVPN on CentOS

I've successfully tested it on my SSD VPS with 128 MB of memory, and it should work on any other OpenVPS too.

Check that the TUN device is enabled:

cat /dev/net/tun

Add the extra repository

For CentOS 5 32-bit

rpm -Uvh http://linux.mirrors.es.net/fedora-epel/5/i386/epel-release-5-4.noarch.rpm
yum update

yum install openvpn nano

cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn

nano /etc/openvpn/easy-rsa/2.0/vars

Edit export KEY_EMAIL="me@somethingemail.com" and change it to your email address

cd /etc/openvpn/easy-rsa/2.0/
. /etc/openvpn/easy-rsa/2.0/vars
. /etc/openvpn/easy-rsa/2.0/clean-all
. /etc/openvpn/easy-rsa/2.0/build-ca

. /etc/openvpn/easy-rsa/2.0/build-key-server server

. /etc/openvpn/easy-rsa/2.0/build-key client1

. /etc/openvpn/easy-rsa/2.0/build-dh

Log in as root via WinSCP, go to /etc/openvpn/easy-rsa/2.0/keys, and download the following 3 files to your computer:

ca.crt
client1.crt
client1.key

cd /etc/openvpn/easy-rsa/2.0/keys

cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn

cp /usr/share/doc/openvpn-2.2.2/sample-config-files/server.conf /etc/openvpn/
cp /usr/share/doc/openvpn-2.2.2/sample-config-files/client.conf ~/
cd ~/

nano ~/client.conf

Edit the remote IP to your VPS/dedicated server IP address.
Change client.crt and client.key to client1.crt and client1.key.

/etc/init.d/openvpn start
chkconfig openvpn on

nano /etc/openvpn/server.conf

Delete the semicolon in front of push "redirect-gateway def1 bypass-dhcp"

nano /etc/sysctl.conf

Change

net.ipv4.ip_forward = 0

to

net.ipv4.ip_forward = 1

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to xx.xx.xxx.xx

Replace xx.xx.xxx.xx above with your own VPS/dedicated server IP address.

nano /etc/rc.local

Insert the following lines into the file, before the line touch /var/lock/subsys/local:

iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to xx.xx.xxx.xx

Replace xx.xx.xxx.xx above with your own VPS/dedicated server IP address.
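The rules above are appended with -A, so if the FORWARD chain already contains a catch-all REJECT or DROP when they are added, the ACCEPT for 10.8.0.0/24 lands after it and is never reached. The check below is an added example, not part of the original post; it reads `iptables -S FORWARD` output on stdin, and the function name, exit codes and sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Added example: is the ACCEPT rule for the VPN subnet reachable in FORWARD?
# Input on stdin: output of `iptables -S FORWARD`, one rule per line.
# Exit status: 0 reachable, 1 shadowed by an earlier catch-all REJECT/DROP,
#              2 no ACCEPT rule for the subnet.

VPN_NET="10.8.0.0/24"   # subnet used in the page's iptables commands

check_forward_order() {   # hypothetical helper name
    awk -v net="$VPN_NET" '
        # Catch-all terminating rule: no match options before -j.
        $1 == "-A" && $2 == "FORWARD" && $3 == "-j" &&
        ($4 == "REJECT" || $4 == "DROP") {
            if (!blocked) blocked = NR
            next
        }
        $1 == "-A" && $2 == "FORWARD" {
            src = ""; tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (src == net && tgt == "ACCEPT" && !accept) accept = NR
        }
        END {
            if (!accept) exit 2
            if (blocked && blocked < accept) exit 1
            exit 0
        }'
}

# Constructed sample: the rules appended to an empty chain.
sample_clean() {
    printf '%s\n' '-P FORWARD ACCEPT' \
        '-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT' \
        '-A FORWARD -s 10.8.0.0/24 -j ACCEPT' \
        '-A FORWARD -j REJECT --reject-with icmp-port-unreachable'
}

# Constructed sample: the chain already ended in REJECT before -A was run.
sample_shadowed() {
    printf '%s\n' '-P FORWARD ACCEPT' \
        '-A FORWARD -j REJECT --reject-with icmp-host-prohibited' \
        '-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT' \
        '-A FORWARD -s 10.8.0.0/24 -j ACCEPT'
}
# On the server: iptables -S FORWARD | check_forward_order; echo "exit=$?"
```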

yum install dnsmasq
/etc/init.d/dnsmasq start
chkconfig dnsmasq on

nano /etc/openvpn/server.conf

Add the following line to the file:

push "dhcp-option DNS 10.8.0.1"

/etc/init.d/openvpn restart

Log in to your server again with WinSCP, go to the root directory, download client.conf to the folder on your PC that holds the other three files, and rename client.conf to client1.ovpn.

If you use the free OpenVPN client for Windows, you have to copy all 4 files (ca.crt, client1.crt, client1.key and client1.ovpn) to its configuration folder in order to establish the connection successfully.

If you use Viscosity as your Mac client, you only need to import the client1.ovpn file to establish the VPN connection.
