
Simple OpenVPN setup

This explains how to set up a simple OpenVPN tunnel between two computers (at a time). If someone attempts to connect while another person is already connected, that person will get bounced from the VPN tunnel.

On the server side:

  1. yum install openvpn

  2. edit /etc/openvpn/server.conf

    dev tun
    secret static.key
    port 1194
    proto udp
    user nobody
    group nobody
    keepalive 10 60
    log /var/log/openvpn.log
    verb 1

  3. openvpn --genkey --secret /etc/openvpn/static.key

  4. share the static.key file with the client over a secure channel (GPG-encrypted, scp, ...)

  5. open port udp/1194 on your NAT/firewall/any security appliance

On the client side:

  1. Linux: yum install openvpn; Windows: install OpenVPN client from

  2. Edit client.conf and put it either under /etc/openvpn/ on Linux or in the conf directory on Windows

    remote or remote IP
    dev tun
    port 1194
    proto udp
    secret static.key
    route (optional)

  3. Make sure static.key is on the client machine
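An added example, not part of the original post: because static.key is the tunnel's only secret, this checks on either machine that the file is readable by its owner alone and that the copy arrived intact. The function name `check_static_key` is hypothetical; the script assumes GNU `stat` and the 2048-bit key file layout written by `openvpn --genkey`.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): sanity-check an OpenVPN
# static key file. check_static_key is a hypothetical helper name.
# Assumes GNU stat (Linux) and the 2048-bit layout from `openvpn --genkey`.

check_static_key() {
    local key="$1" mode hex rc=0

    if [ ! -f "$key" ]; then
        echo "FAIL: $key is not a regular file" >&2
        return 2
    fi

    # The key is the tunnel's only secret: no group/other permission bits.
    mode=$(stat -c '%a' "$key")
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $key has mode $mode, expected 600 or stricter" >&2
        rc=1
    fi

    # Both markers must be present, otherwise the copy was truncated.
    if ! grep -q '^-----BEGIN OpenVPN Static key V1-----' "$key" ||
       ! grep -q '^-----END OpenVPN Static key V1-----' "$key"; then
        echo "FAIL: $key lacks the static key BEGIN/END markers" >&2
        return 1
    fi

    # Key material between the markers: 2048 bits = 512 hex characters.
    hex=$(sed -n '/^-----BEGIN/,/^-----END/p' "$key" |
          grep -v '^-----' | tr -d '\r\n')
    if [ "${#hex}" -ne 512 ] ||
       printf '%s' "$hex" | grep -q '[^0-9a-fA-F]'; then
        echo "FAIL: $key does not hold 512 hex characters of key material" >&2
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: $key"
    return "$rc"
}

# Run against a path given on the command line, e.g. /etc/openvpn/static.key
if [ "$#" -gt 0 ]; then
    check_static_key "$1"
fi
```
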

See for screenshots

  1. You should now be able to connect to the VPN and ping unless your security setup doesn't allow it

  2. If you need to reach the subnet on the server to access certain services, add the line "route" to your client config file. Depending on your firewall configuration, you may need to allow IP forwarding from the incoming interface (tun0) to the internal interface (let's say eth1).

This is how I did it:

    # new and established connections from the VPN (tun0) to the internal network (eth1)
    iptables -A FORWARD -i tun0 -o eth1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    # only reply traffic from the internal network back to the VPN
    iptables -A FORWARD -i eth1 -o tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT

Info :