How to Set Up a Virtual Private Network (VPN) Using OpenVPN
Imagine that in your office’s computer, there are lots of interesting files that you have saved. As long as you are in your office, you have access to all of them, but when you go home, you can’t access it. The reason is that although your office computer has internet, it’s behind NAT and therefore you cannot access it directly. This is where a VPN can really be helpful.
A Virtual Private Network is a way to access a private network (your office lan in this occasion) through a larger network (the internet in this and actually most cases). What you would do in this occasion is install openvpn in both your computers and set your office computer to be the server and your home computer to be the client. Let’s take a look on the steps that you need to take in order to create the vpn.
Generate The Master CA certificate, the Server Certificate and The Clients Certificates
After you install openVPN on your machines (installation is trivial, there are packages available or you can even compile from sources), go to your server and locate the openVPN configuration files. It should be under /etc/openvpn/. Inside the easy-keys/2.0/ directory, execute these commands to initialize the Public Key Infrastructure :
./vars ./clean-all ./build-ca
After executing build-ca, you will be asked for some information. Changing the Common Name is a good idea if you like to. You can leave the rest as they are. After completion, the Master CA Certificate is now generated.
Let’s now generate the certificate and private keys for our server, using the command :
./build-key-server server
Sign and commit the certificate, while also provide a meaningfull Common Name, like “officeServer”. Our server is set and we just need to configure our client(s). Again, this is almost the same as the server key and certificate generation :
build-key homeClient
You could create more clients if you like, but in this case we just need one for our home. In the end, you also need to generate the Diffie-Hellman public key scheme parameters using :
build-dh
This will create a *.pem file that we need for our server. In the end of the process, you will have a bunch of different files in easy-keys/2.0/ . The ca.crt file is needed by both the server and the client(s), it is the master certificate. The server has 3 more files. The *.pem file, the server.crt and server.key file (or however you named them). A client has 2 files, the client.crt and client.key file.
The next thing that you would need to do is create a tarball with the client files, client.crt, client.key AND the ca.crt, which is needed by every computer.
Sample Configuration Files For OpenVPN Clients and Server
Now, both your server and client(s) need to have config files in /etc/openvpn/ . This is actually pretty easy to do and you can follow the official openvpn sample files to do so. Once you’re done, just restart both openvpns using “/etc/init.d/openvpn restart” and your virtual private network is now working !
Loading ...
You’ll have to get the settings from the system admin on the distant end. There are a number of options and if you don’t have everything right it won’t work. VPN passthrough is enabled by default on your Linksys but make sure that that hasn’t been changed.
With a VPS, a single web server is partitioned by virtualization software to make it appear as multiple virtual servers. Probably the most common virtualization software that you will encounter with VPS hosting is the Parallels Virtuozzo software.
Did I already tell you just how I love every subjects on your site ?
Thank you for almost every other informative website. The spot otherwise might I am getting that type of information coded in this sort of excellent way? I own a objective that i’m at the moment managing in, so i have been within the start looking out and about to get such information.