Configure of clients
First of all, these keys and certificates should be copied to client device:
- ca.crt
- CLIENT_NAME.crt
- CLIENT_NAME.key
- ta.key
Linux
Install OpenVPN (Arch Linux):
pacman -S openvpn
Install OpenVPN (CentOS 7):
yum -y install openvpn
There are several ways to connect to VPN.
OpenVPN client as service
Create directory to store of client keys
cd <path to directory with client's keys>
mkdir /etc/openvpn/client
cp ca.crt CLIENT_NAME.crt CLIENT_NAME.key ta.key /etc/openvpn/client
Create client config file for service
cd /etc/openvpn
touch client.conf
Content of client.conf
client
#
dev tun
proto udp
#
remote MyOpenVPNServer.com 1194
#
resolv-retry infinite
user nobody
group nobody
#
persist-key
persist-tun
#
ca /etc/openvpn/client/ca.crt
cert /etc/openvpn/client/CLIENT_NAME.crt
key /etc/openvpn/client/CLIENT_NAME.key
#
remote-cert-tls server
#
tls-auth /etc/openvpn/client/ta.key 1
#
cipher AES-256-CBC
#
comp-lzo adaptive
Start OpenVPN client
systemctl start openvpn@client
Using NetworkManager
Install OpenVPN plugin for NetworkManager (Arch Linux)
pacman -S networkmanager-openvpn
Install OpenVPN plugin for NetworkManager (CentOS 7)
yum -y install NetworkManager-openvpn
Copy keys/certificates and create config file us was describe above.
If key/certificate files are copied to other location, then set correct value in config file.
- Open NetworkManager -> VPN connections -> Configure VPN;
- Window “Network connection” -> Add -> Click on “Import VPN …” -> choose client.conf ;
Android
Install OpenVPN using Google Play or F-Droid
It is OpenSource project, code is able to load from GitHub.
- Copy keys/certificates to some directory;
- Create config file us was describe above.
If key/certificate files are copied to other location, then set correct value in config file.
Other way
- Copy keys/certificates to some directory on device;
- Create new OpenVPN connection;
- Fill all necessary fields on all tabs.