GPT it out:
Here’s a step-by-step guide to setting up an OpenVPN server on your PC and instructions on how to connect to it.
Part 1: Setting Up the OpenVPN Server
1. Install OpenVPN
1. Windows:
• Download the OpenVPN installer from the OpenVPN website.
• Run the installer and select all default options, including the OpenVPN TAP driver.
2. Linux:
• Run the following commands:
sudo apt update
sudo apt install openvpn easy-rsa
3. macOS:
• Use a package manager like Homebrew:
brew install openvpn
2. Configure the Server
1. Navigate to the Easy-RSA directory:
cd /etc/openvpn/
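sudo mkdir easy-rsa
sudo cp -r /usr/share/easy-rsa/* easy-rsa/
# /etc/openvpn is root-owned; take ownership so the ./easyrsa commands below can write here without sudo
sudo chown -R "$USER" easy-rsa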
cd easy-rsa
2. Initialize the PKI environment:
./easyrsa init-pki
3. Build the Certificate Authority (CA):
./easyrsa build-ca
• You will be prompted to create and confirm a password for the CA.
4. Generate the Server Certificate and Key:
./easyrsa build-server-full server nopass
5. Generate the Diffie-Hellman parameters:
./easyrsa gen-dh
6. Generate a Shared Key for TLS Authentication:
openvpn --genkey --secret ta.key
7. Copy the generated files to the OpenVPN directory:
sudo cp pki/ca.crt pki/issued/server.crt pki/private/server.key pki/dh.pem ta.key /etc/openvpn/
3. Create the Server Configuration File
1. Create a new file: /etc/openvpn/server.conf.
sudo nano /etc/openvpn/server.conf
2. Add the following configuration:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
tls-auth ta.key 0
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
3. Save and exit the file.
4. Start the OpenVPN Server
1. Enable and start OpenVPN:
sudo systemctl enable openvpn@server
sudo systemctl start openvpn@server
2. Check if it’s running:
sudo systemctl status openvpn@server
Part 2: Generating Client Files
1. Generate the client certificate (from the Easy-RSA directory used in Part 1):
./easyrsa build-client-full client1 nopass
2. Create a client configuration file:
Create a new file client1.ovpn:
nano client1.ovpn
3. Add the following to the file:
client
dev tun
proto udp
remote [YOUR_SERVER_IP] 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
verb 3
key-direction 1
<ca>
[Insert contents of ca.crt here]
</ca>
<cert>
[Insert contents of client1.crt here]
</cert>
<key>
[Insert contents of client1.key here]
</key>
<tls-auth>
[Insert contents of ta.key here]
</tls-auth>
4. Save the file and distribute client1.ovpn to the client.
Part 3: Connect to the OpenVPN Server
1. Install OpenVPN Client:
• Download and install the OpenVPN client from the OpenVPN website.
2. Import the .ovpn file into the client.
3. Connect using the OpenVPN client.
Troubleshooting
• Ensure port 1194 is open on your firewall.
• Check the OpenVPN logs to debug connection problems.
Let me know if you need help with any step!
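For Part 2, steps 2 to 4: a shell function that assembles the client profile from the Easy-RSA output instead of pasting each file in by hand. This is an added example, not part of the original guide; the function names make_ovpn and pem_only and the default paths (./pki and ./ta.key in the current directory) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original guide): build NAME.ovpn from Easy-RSA output.
# Assumed layout, as in the steps above: ./pki/ and ./ta.key in the current directory.

# Print only the PEM block; Easy-RSA certificates carry a text dump before it.
pem_only() {
    sed -n '/^-----BEGIN /,/^-----END /p' "$1"
}

# make_ovpn NAME SERVER_ADDR [PKI_DIR] [TA_KEY] -> profile on stdout
make_ovpn() {
    name=$1 server=$2 pki=${3:-pki} ta=${4:-ta.key}
    for f in "$pki/ca.crt" "$pki/issued/$name.crt" "$pki/private/$name.key" "$ta"; do
        [ -r "$f" ] || { echo "missing or unreadable: $f" >&2; return 1; }
    done
    cat <<EOF
client
dev tun
proto udp
remote $server 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
verb 3
key-direction 1
<ca>
$(pem_only "$pki/ca.crt")
</ca>
<cert>
$(pem_only "$pki/issued/$name.crt")
</cert>
<key>
$(pem_only "$pki/private/$name.key")
</key>
<tls-auth>
$(pem_only "$ta")
</tls-auth>
EOF
}

# Run as a script: the profile embeds the private key, so create it owner-only.
if [ "$#" -ge 2 ]; then
    ( umask 077; make_ovpn "$@" > "$1.ovpn" ) || { rm -f "$1.ovpn"; exit 1; }
fi
```

Saved under a name of your choice (make-ovpn.sh here is hypothetical) and run from the Easy-RSA directory as `sh make-ovpn.sh client1 [YOUR_SERVER_IP]`, it writes client1.ovpn readable only by its owner.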