generated. Repeat as needed for each client, replacing clientname with the
name of each client system:
Click here to view code image
/etc/openvpn/ca.crt
/etc/openvpn/easy-rsa/keys/clientname.crt
/etc/openvpn/easy-rsa/keys/clientname.key
Remove the files from the server after they are installed on the client.
Many sample configuration files are included with OpenVPN in
/usr/share/doc/openvpn /examples/sample-config-
files/. You can read through them if you have more complex needs than
the simple setup shown here. For this example, you only need the most basic
configuration files. Copy and unpack this file:
Click here to view code image
matthew@seymour:~$ sudo cp /usr/share/doc/openvpn/examples/sample-
config-files/server.conf.gz /etc/openvpn
matthew@seymour:~$ sudo gzip -d /etc/openvpn/server.conf.gz
Edit /etc/openvpn/server.conf to point to and use the certificates
and keys you created earlier by changing or adding these lines, replacing
yourservername with the name of your server and leaving all the other default
settings in place:
Click here to view code image
ca ca.crt
cert yourservername.crt
key yourservername.key
Start your server:
Click here to view code image
matthew@seymour:~$ sudo /etc/init.d/openvpn start
OpenVPN should create a new networking interface on your computer called
tun0. To make sure the interface is created, enter the following:
Click here to view code image
matthew@seymour:~$ sudo ifconfig tun0
To use your new VPN server with the client described in the previous section,
select OpenVPN as the VPN type, enter yourservername from this section as
the gateway, set the type to certificates (TLS). Also point the user certificate
to use the client certificate you created and moved to the client machine, CA
Certificate, to use the credential authority certificate you created and moved
to the client machine, and point Private Key to use the private key file you