0. Lazy setup fully automated
If you have GPLHost repository in your apt/sources.list:
deb ftp://ftp.gplhost.com/debian stable main
then simply do:
apt-get install gplvpn
This package will setup every dependency, and it's postinst script will do the work for you: generate the server keys and config files, and generate keys for 20 clients. Now see the rest to have more details (you can skip chapter 1. if you did like above).
1. Setup the sever manually
Install openvpn and the needed utils:
apt-get install openvpn openssl udev
Get this file:
Move the content of openvpn-setup in the archive in the /etc/openvpn. Start the "setup" script. That should be enough to have a working setup. This setup script will create a key for 20 clients, which should be enough for most users. It guesses the IP address using netstat -rn, as most chances that your gateway interface is the one that is your public IP address.
2. Client setup
The configuration files for the client are in a generated folder client-config. You should send the files corresponding to the client in each computers. Note that the file is to be used with OpenVPN GUI client under windows, as this is the most common setup. It should be quite easy to change the config file for Unix (simply rename with .conf extention instead of .ovpn, and edit the path so OpenVPN can find it's keys).
3. Windows client(s) setup with OpenVPN GUI
The OpenVPN GUI is available within the 2.1 release packages.
4. How to fix the user access control problem under Vista
Please follow any of the steps at the following URL to disable UAC. This allows a simpler use of OpenVPN, since the extra security controls in place interfere with OpenVPN:
5. Please edit the client.ovpn file (in wordpad in case notepad doesn't contain the carriage returns correctly), and add the following to entries, to ensure that it works correctly with Vista
6. In case you can connect, but browsing does not seem to work, you will probably need to fix the DNS setting in the server configuration
push "dhcp-option DNS 188.8.131.52"
7. Setup a bridge to route between 2 locations
If you need to have one network from a data center connected to let's say your home, then you might need this scrip:
What id does is create a bridge between your tap0 interface and your eth0. Note that you should use tap, and NOT the tun device in your OpenVPN configuration file. This script is taken from the OpenVPN bridge howto, but we have added the management of the network gateway and it has start / stop options, so it can be put in /etc/init.d
Note that you HAVE to AT LEAST use a screen session to start this script, as you WILL get disconnected from ssh when you run it. Indeed, the bridge will go in the "learning state" for a while (maybe from 5 to 20 seconds) before you get connectivity back. Best is to use the physical console of a VPS or a KVM if you can.
Also, do NOT forget to edit the IPs in the script...
8. In case you want many clients with many public IPs
Then follow this script.
Please change the IP address to a DNS server that is accessible by the server running the VPN.
Editing this page means accepting its license.