Quick Guide to OpenVPN

Introduction

Unlike IPsec, OpenVPN doesn't require patching the Linux kernel, it only uses a virtual device (in /dev/net/), only requires a user-land application, and is thus much easier and safer to use.

Setup

Here's how to use OpenVPN with certificates and asymetric encryption, which is a better alternative to using a pre-shared key:

1. Create Certificate Authority (CA)
2. Create pair of public/private keys for server and clients
3. Create configuration files for server and clients

Client

Here are the files an OpenVPN client needs:

• ca.crt
• client1.crt
• client1.key
• client1.ovpn

Note that the .ovpn file must match the hostname used to create the client's keys.

Resources