Quick Guide to OpenVPN


Unlike IPsec, OpenVPN doesn't require patching the Linux kernel, it only uses a virtual device (in /dev/net/), only requires a user-land application, and is thus much easier and safer to use.


Here's how to use OpenVPN with certificates and asymetric encryption, which is a better alternative to using a pre-shared key:

  1. Create Certificate Authority (CA)
  2. Create pair of public/private keys for server and clients
  3. Create configuration files for server and clients


Here are the files an OpenVPN client needs:

Note that the .ovpn file must match the hostname used to create the client's keys.