video on demandVPN Server Configuration
Install the package openvpn on the machine that will later become your VPN server.
Open a shell, become root and create the VPN secret key:
openvpn --genkey --secret /etc/openvpn/secret.key
Copy the secret key to your client:
scp /etc/openvpn/secret.key root@192.168.2.110:/etc/openvpn/
Create the file /etc/openvpn/server.conf with the following content:
dev tun
ifconfig 10.4.0.1 10.4.0.2
secret secret.key
If you want your clients to have a static ip,
make sure that the client-config-dir on the server
is known:
# cat /etc/openvpn/server.conf
(output skipped)
client-config-dir /etc/openvpn
(output skipped)
In this client config dir create a file with the
clientname and put the following line in it.
ifconfig-push 10.4.0.2 10.4.0.1
Now the client upon connect will receive the configured
address.
Start the OpenVPN service as root:
rcopenvpn start
Configuring the VPN Client
To configure the VPN client, do the following:
VPN Client Configuration
Install the package openvpn on your client VPN machine.
Create /etc/openvpn/client.conf with the following content:
remote 192.168.2.100
dev tun
ifconfig 10.4.0.2 10.4.0.1
secret secret.key
Start the OpenVPN service as root:
rcopenvpn start
Testing the VPN Example
After the OpenVPN is successfully started, test if the tun device is available with the following command:
ifconfig tun0
To verify the VPN connection, use ping on both client and server to see if you can reach each other. Ping server from client:
ping -I tun0 10.4.0.1
Ping client from server:
ping -I tun0 10.4.0.2