This topic is destined to users with some basic knowledge about VPN, who know how to create and setup a VPN client/server.
Here an example of creating and configuring an OpenVPN server
The configuration of the VPN requires:
client-openvpn.conf
. This is the main configuration file.ca.crt
client.p12
All those files have to be uploaded via the web UI.
Here is an example of a client configuration file:
################################################# # # # Client-side OpenVPN 2.X config file for # # connecting to multi-client server. # # # # Comments are preceded with '#' or ';' # # # ################################################# # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client tls-client #remote-cert-tls server # Protocol proto udp #Tunnel dev tun #Server remote 192.168.1.14 #Certification Authority Certificate - Server Authentication ca ca.crt #User Key and Certificate - Client Authentication pkcs12 client.p12 cipher AES-256-CBC #auth SHA256 tls-version-min "1.0" tls-version-max "1.0" mssfix 1200 comp-lzo
Note: if you set a passphrase to access your private key, just add the following line in your configuration file :
askpass pass.txt
Fill the pass.txt
file with your password and protect it from reading to others that are not root:
# chmod 600 pass.txt
The two other files (.crt and .p12) have to be generated using the PKI.
Select the “Enable” button from the Administration > OpenVPN menu option and drag and drop the following files :
ca.crt
client.p12
client-openvpn.conf
Automatically the openvpn process will be launch at boot time and be monitored by the monit
tool.
Once the files are uploaded and the VPN feature is activated in the administration page, the VPN tunnel will automatically be created.