OpenVPN Server Configuration for GNU/Linux Servers

create-client.sh

#!/bin/bash

source /etc/openvpn/easy-rsa/vars

client=$1
/etc/openvpn/easy-rsa/build-key $client

mkdir -p /tmp/tmp-vpn-client/$client
cp /etc/openvpn/easy-rsa/keys/$client.* /tmp/tmp-vpn-client/$client/
cp /etc/openvpn/easy-rsa/keys/ca.crt /tmp/tmp-vpn-client/$client/
cp /etc/openvpn/easy-rsa/keys/client.conf /tmp/tmp-vpn-client/$client/$client.ovpn

echo "<key>" >> /tmp/tmp-vpn-client/$client/$client.ovpn
cat /tmp/tmp-vpn-client/$client/$client.key >> /tmp/tmp-vpn-client/$client/$client.ovpn
echo "</key>" >> /tmp/tmp-vpn-client/$client/$client.ovpn

echo "<cert>" >> /tmp/tmp-vpn-client/$client/$client.ovpn
cat /tmp/tmp-vpn-client/$client/$client.crt >> /tmp/tmp-vpn-client/$client/$client.ovpn
echo "</cert>" >> /tmp/tmp-vpn-client/$client/$client.ovpn

echo "<ca>" >> /tmp/tmp-vpn-client/$client/$client.ovpn
cat /tmp/tmp-vpn-client/$client/ca.crt >> /tmp/tmp-vpn-client/$client/$client.ovpn
echo "</ca>" >> /tmp/tmp-vpn-client/$client/$client.ovpn

#touch /etc/openvpn/ccd/$client

cp /tmp/tmp-vpn-client/$client/$client.ovpn /root/

rm -r /tmp/tmp-vpn-client/$client

openvpn-conf.md

OpenVPN Config

apt-get install openvpn easy-rsa
mkdir /etc/openvpn/easy-rsa
cp -rf /usr/share/easy-rsa/* /etc/openvpn/easy-rsa

Edit the vars file in order to create certificates information:

nano /etc/openvpn/easy-rsa/vars

cd /etc/openvpn/easy-rsa
source vars
./clean-all # Cleans everything in keys

./build-ca
./build-key-server MYSERVER-VPN

Client add and configuration:

source ./vars
./build-key CLIENT-NAME

./build-dh

Copy server related files in order to run the server:

cd keys/
cp dh2048.pem ca.crt MYSERVER-VPN.crt MYSERVER-VPN.key /etc/openvpn

Configuring Server:

cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
gzip -d /etc/openvpn/server.conf.gz
nano server.conf # Edit carefully

Client Config File:

cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/