Tuesday, March 29, 2011

How to install and configure OpenVPN on redhat rhel5 linux or Centos 5


I got this script from here. But it has some problems. Version conflicts is there and it is designed to run in a VPS. So I have done some changes. Its better you run command by command. This steps will work in other operating systems like fedora, Centos, etc.

# Quick and dirty OpenVPN install script
# Tested on Centos 5.x 32bit, openvz minimal CentOS OS templates
# Please submit feedback and questions at support@vpsnoc.com

# John Malkowski vpsnoc.com 01/04/2010

ip=`grep IPADDR /etc/sysconfig/network-scripts/ifcfg-venet0:0 | awk -F= '{print $2}'`

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -iv rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rm -rf rpmforge-release-0.3.6-1.el5.rf.i386.rpm

yum -y install openvpn openssl openssl-devel
cd /etc/openvpn/
cp -R /usr/share/doc/openvpn-2.1.4/easy-rsa/ /etc/openvpn/
cd /etc/openvpn/easy-rsa/2.0/
chmod +rwx *
. ./vars
source ./vars

Dont forget to give Y for creating certificates.
./build-key-server server
cp keys/{ca.crt,ca.key,server.crt,server.key,dh1024.pem} /etc/openvpn/

./build-key client1
cd keys/

Just paste the codes below into ur terminal.
remote $ip 1194                #Here you may have to specify the remote IP.
dev tun
ca ca.crt
cert client1.crt
key client1.key
route-delay 2
route-method exe
redirect-gateway def1
dhcp-option DNS
verb 3"

echo "$client" > $HOSTNAME.ovpn

tar czf keys.tgz ca.crt ca.key client1.crt client1.csr client1.key $HOSTNAME.ovpn
mv keys.tgz /root

dev tun
server         #Change the network to your network
ifconfig-pool-persist ipp.txt
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
push "route"
push "redirect-gateway"
keepalive 10 60
group nobody

echo "$opvpn" > /etc/openvpn/openvpn.conf

echo 1 > /proc/sys/net/ipv4/ip_forward
Replace the network with your IP
iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE   #Change the network to your network
iptables-save > /etc/sysconfig/iptables
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf

If internet is not working then execute the following command replacing "main_ip" with ip address
#route add -net gw main_ip

/etc/init.d/openvpn start

Download /root/keys.tgz using winscp or other sftp/scp client such as filezilla
Create a directory named vpn at C:\Program Files\OpenVPN\config\ and untar the content of keys.tgz there
Start openvpn-gui, right click the tray icon go to vpn and click connect

All credit goes to the real owners. I just  edited it. If you are working with a new version, Change the version number. Have fun. For me, This worked beautifully.

No comments:

Post a Comment

Be nice. That's all.