Adding a OpenVPN client on ubuntu 10.04…

First the certificate (key) should be created on the server.

cd /etc/openvpn/easy-rsa/
source vars
./pkitool hostname

Copy the certificate files to the client
* /etc/openvpn/ca.crt
* /etc/openvpn/easy-rsa/keys/hostname.crt
* /etc/openvpn/easy-rsa/keys/hostname.key

Then the client should be setup

apt-get install openvpn
cd /etc/openvpn
cp /usr/share/doc/openvpn/examples/sample-config/client.conf client.conf

Edit the client.conf file (edit all that you need to fit your config, the following are those I recommend):
The fix for Vista I add (commented out) since I am lazy and usually just copy a old config file to the next client

remote my.domain.com 1194

# a separate .crt/.key file pair
# for each client.  A single ca
# file can be used for all clients.
ca ca.crt
cert clientName.crt
key clientName.key

#fix for vista being stuid...
;route-method exe
;route-delay 2

Restart OpenVPN on the client:

 /etc/init.d/openvpn restart
 * Stopping virtual private network daemon(s)...                                
 *   No VPN is running.
 * Starting virtual private network daemon(s)...                                
 *   Autostarting VPN 'myVPN'                                         [ OK ]

Same as with the server, the above means that is went well, a [fail] means that the logs should be read for details.

A word of caution: [ OK ] only means that the OpenVPN was started ok – no errors in config etc.
There might still be issues with firewalls, wrong hostname (to the server) etc.
Check ifconfig and ping the server to make sure it is working.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
This entry was posted in How To Guides, Little Guides, Recent Client Installs, Usefully Found Stuff and tagged , . Bookmark the permalink.

Comments are closed.