Archive
Setup OpenVPN Client in Linux
I needed to install OpenVPN(open source virtual private network) in my Linux machine to be able to access our staging server. OpenVPN allows you to establish a secure point to point access to network resources and services.
OpenVPN can be used in two ways – Server and Client. OpenVPN server is the system that you wish to use as VPN end-point or the one you want to access. In my case what I needed to do is to install OpenVPN as client or the one making a service request.
1. Install OpenVPN using terminal:
sudo apt-get install openvpn
2. Create client configuration file in /etc/openvpn
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn
3. Setup client config file, server keys and certificates in /etc/openvpn folder (in my case our client sent these files generated from the server)
/etc/openvpn/client.conf
/etc/openvpn/keys/ca.crt
/etc/openvpn/keys/hostname.crt
/etc/openvpn/keys/hostname.key
/etc/openvpn/keys/ta.key
4. Edit client configuration file (client.conf) based on above directory
# example client config file
client
remote [server] 1194
dev tun
proto udp
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/hostname.crt
key /etc/openvpn/keys/hostname.key
ns-cert-type server
tls-auth /etc/openvpn/keys/ta.key 1
comp-lzo
keepalive 10 60
ping-timer-rem
persist-key
persist-tun
verb 3
5. Go to /etc/openvpn folder and start the OpenVPN
exist@exist:/etc/openvpn$ sudo openvpn client.conf
Mon Apr 23 13:44:43 2012 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Mon Apr 23 13:44:43 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
...
Mon Apr 23 13:44:50 2012 [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xx.xxx:1194
Mon Apr 23 13:44:52 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
...
Mon Apr 23 13:44:53 2012 TUN/TAP TX queue length set to 100
Mon Apr 23 13:44:53 2012 /sbin/ifconfig tun0 10.8.1.190 pointopoint 10.8.1.189 mtu 1500
Mon Apr 23 13:44:53 2012 /sbin/route add -net 192.168.3.0 netmask 255.255.255.0 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 /sbin/route add -net 10.3.0.0 netmask 255.255.0.0 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 /sbin/route add -net 10.8.1.1 netmask 255.255.255.255 gw 10.8.1.189
Mon Apr 23 13:44:53 2012 Initialization Sequence Completed
There you go! By this time, you should be able to access the application you want to test 🙂 However in our case we needed to setup the IP address of the server that we are trying to gain access in our hosts file. From the terminal, we type:
[user]@exist:~$ sudo su -
[sudo] password for [user]: [input password]
root@[user]:~# vi /etc/hosts
Then input the IP address and the corresponding name of the web server we are trying to access at the end of the line.
About Ubuntu
I’ve been using Ubuntu since 2009, then on I only knew it was an open source, secure Debian-based Linux operating system that most of our developers use so might as well use it.
I’ve never really cared about its story not until I read the book “Global Voices: The Compilation” by Craig and Marc Kielburger earlier this year where Archbishop Desmund Tutu contributed in the foreword:
“In Southern Africa we have a concept called Ubuntu – which is that you cannot exist as a human being in isolation . You can’t be human all by yourself. What you do, what I do affects the whole world.”
Wow! This was a refreshing idea for me. Ubuntu! what a strong word! Reading more About Ubuntu, I couldn’t agree more with some of their Code of Conduct – be considerate, be respectful and be collaborative.
Mitch Albom supports this idea in his book “The Five People You Meet in Heaven” where he emphasized that we are all connected:
“…there are no random acts. that we are all connected. That you can no more separate one life from another than you can separate a breeze from the wind.”
Now the Ubuntu logo makes more sense to me 🙂
“Humanity towards others”
Library of WONDERS 
Recent Comments