Friday, March 29, 2013

[Tutorial] CentOS 6 OpenVPN Client - Connecting to Existing Site to Site VPN (TomatoUSB)

In this tutorial, I'm going to show you how to add a CentOS 6 server as a OpenVPN client to your existing Site to Site VPN.

This is an extension of my [Tutorial - 30 Minutes or Less] Site to Site VPN with TomatoUSB and OpenVPN and assumes you already have your Site to Site VPN operational. However, you should be able to follow this tutorial and connect to any existing OpenVPN Server.

At the end of this tutorial, your CentOS server will be able to securely access your LAN resources (i.e, computers, printers) on both sites and vice versa (you will also be able to seamlessly access your CentOS server).

Overview of the Steps:

1) Generate Certs and Keys
2) Copy/Transfer over Certs and Keys to Client VPS
3) Install OpenVPN (client)
4) Configure OpenVPN Client
5) Connect


Generate cert/keys for VPS (CentOS 6 32-bit OpenVPN Client)

SSH into your TomatoUSB OpenVPN Server.

#Setup and initialize environment
cd /opt/openvpn-easy-rsa
source ./vars


#myvps_client is the Common Name
./build-key myvps_client


Copy/Transfer over Certs and Keys to Client VPS

Since my CentOS server is running SSH, I'm going to use SSH and SCP (secure copy) to transfer over the certificates and key. You can also transfer over the keys via SFTP or a USB drive.


#create the /etc/openvpn/keys folder on my centos server
ssh root@myvps.qnology.com mkdir -p /etc/openvpn/keys 

#copy over the certificates and keys
#all one line
cd /opt/openvpn-easy-rsa
scp keys/ca.crt keys/myvps_client.crt keys/myvps_client.key root@myvps.qnology.com:/etc/openvpn/keys

Install OpenVPN on CentOS 6

#Bring everything up to date
yum -y update

#Add EPEL (Extra Packages for Enterprise Linux) Repo
# RHEL/CentOS 6 32-Bit ##
cd /tmp 


wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm

yum --enablerepo=epel install openvpn.i686

Configure OpenVPN Client

#copy sample client.conf to /etc/openvpn
cp /usr/share/doc/openvpn-2.2.2/sample-config-files/client.conf /etc/openvpn


#edit openvpn client.conf
nano /etc/openvpn/client.conf

Update the following lines
#remote OpenVPNServer.ADynamicDNSAddress.com 1194
#ca /etc/openvpn/keys/ca.crt
#cert /etc/openvpn/keys/myvps_client.crt
#key /etc/openvpn/keys/myvps_client.key

#start VPN manually to test
openvpn --config /etc/openvpn/client.conf


#test starting VPN as a service
service openvpn start

#autostart at OpenvPN client on reboot
chkconfig openvpn on



37 comments :

  1. Hi Qui,
    Thanks for all the hard work you have done on making this happen. Worked really well for me until I had daft idea of Cups printing. Killed setup so did a reinstall. all working except getting error on svn checkout https://github.com/archlinuxarm/PKGBUILDs/trunk/aur/plexmediaserver as file not found. what should I do now?

    ReplyDelete
    Replies
    1. You posted this comment on the wrong blog. :)

      Thanks for letting me know. Link has been updated. Build in progress and will update pre-compiled package this weekend.

      Delete
  2. Well ! I use the above steps to add cent os server to vpn . After setting a vpn , i use Ip-details.com to check whether ip gets changed or not .

    ReplyDelete
  3. You have a real ability for writing unique content. I like how you think and the way you represent your views.Thanks.

    ReplyDelete
  4. I like such tutorials cause they are short and precise. It is talent to write the most important things in the article. I know it cause notext I am a writer.

    ReplyDelete
  5. Superbly written article, if only all bloggers offered the same content as you, the internet would be a far better place.. web

    ReplyDelete
  6. With all that software I still can't get myself VPN so probably this solution will work. I rarely rely on any sites or services besides HitTheGrade but your blog is really cool so I wanna give it a try. Thank you for posting!

    ReplyDelete
  7. iTunes is an Apple particular software program, iTunes Account Though iTunes login accounts are mainly made use of on Apple tools.

    ReplyDelete
  8. So you've selected to dive your self into the universe of sport advancement, have accumulated a group of forceful warriors to handle all the tremendous problems and are prepared to make the subsequent high-quality game inside the commercial enterprise. Gmod game

    ReplyDelete
  9. Creating a blog can appear difficult for many people, even though for some individuals it's an simple process. Nevertheless, a very important factor that everybody shares in common is that they are searching for ways to improve their blog and attain incre.cheap shoes in Pakistan

    ReplyDelete
  10. Uptime is one of the most important factors in maintaining an effective online presence. Outages of any duration can be costly. Downtime can impact your organization directly by causing lost sales, signups, etc., or indirectly by hurting your reputation and brand image.mens casual dress shoes

    ReplyDelete
  11. Loved to read your blog. I speedypaper review would like to suggest you that traffic show most people read blogs on Mondays. So it should encourage blogger to write new write ups over the weekend primarily.

    ReplyDelete
  12. You have shared a nice article here about the CentOS 6 OpenVPN Client. Your article is very informative and I liked your way to share this article here. If anyone looking for the static ip vpn service, Visit vpnshazam.com

    ReplyDelete
  13. This website can live streaming , you can join at my site :
    agen judi online terpercaya
    Prediksi Bola

    Thank you
    agenpialaeropa.net

    ReplyDelete
  14. This website can live streaming , you can join at my site :
    agen judi online terpercaya
    Prediksi Bola

    Thank you
    agenpialaeropa.net

    ReplyDelete
  15. I think this is an informative post and it is very useful and knowledgeable. therefore, I would like to thank you for the efforts you have made in writing this article. If you are looking for antivirus security for your PC and any other digital devices than. Visit@: my sites :-
    mcafee.com/activate |
    office.com/setup |
    McAfee.com/activate |
    office.com/setup |

    ReplyDelete
  16. Thanks for all the tips mentioned in this article! it’s always good to read things you have looking for antivirus security for your PC and any other digital devices than. Visit@: my sites :- office.com/myaccount |
    office.com/myaccount |
    McAfee MIS Retailcard |
    www.mcafee.com/activate.

    ReplyDelete
  17. office.com/setup microsoft office setup is the item setup record with this setup report you can present on your pc and a part of the reinforced contraption to use microsoft office. The microsoft office programming just as all the item constantly has the setup record, and it is basic, without the setup report the item turn futile
    office.com/setup

    ReplyDelete
  18. office.com/setup get present and dynamic. microsoft office setup is the full suite of microsoft limit programming that joins a blend of businesses, affiliations, and server like surpass desires, powerpoint, word, onenote, distributer and access.
    office.com/setup

    ReplyDelete
  19. norton.com/setup norton antivirus actuation and setup of specialized help administrations norton antivirus is intended to identify and wipe out the conceivable dangers for a framework like worms,trojan and different infections and can play out various application examine.
    office.com/setup
    norton.com/setup
    mcafee.com/activate
    mcafee.com/activate

    ReplyDelete
  20. Thanks for posting this info. I just want to let you know that I just check out your site and I find it very interesting and informative.
    mcafee.com/activate|mcafee.com/activate|mcafee.com/activate|mcafee.com/activate|norton.com/setup|office.com/setup

    ReplyDelete
  21. Thanks for taking the time to share this informative article here. Reading your article I got numerous valuable information about the VPN. Get a solution for your all MS office problems from officecomsetup-key.com. To know more about us from install office setup

    ReplyDelete
  22. Wow i can say that this is another great article as expected of this blog.Bookmarked this site.. 5g Technology

    ReplyDelete
  23. Hey, very nice site. I came across this on Google, and I am stoked that I did. I will definitely be coming back here more often. Wish I could add to the conversation and bring a bit more to the table, but am just taking in as much info as I can at the moment. Thanks .

    DedicatedHosting4u.com

    ReplyDelete
  24. Consistently learning the new skills and using them to improve myself in the form of performance for betterment.

    Thanks
    Cpa offers

    ReplyDelete
  25. office.com/setup, Office Setup with product key Visit www.office.com/setup and follow the on-screen instructions for Office 2019, Office 365, Step by Step.

    ReplyDelete
  26. office.com/setup- For Downloading, Installing and activating the Office product key, visit www.office.com/setup and Get Started previously Office setup.

    ReplyDelete
  27. This is a fantastic idea! I like it a lot because it's super easy for the audience to see the value of opting in. wonderful and amazing post very use full your post thanks for sharing your article
    Android Application development
    Web application

    ReplyDelete


  28. Your post is very good. I got to learn a lot from your post. Thank you for sharing your article for us. it is amazing post
    what is seo
    types of seo

    ReplyDelete
  29. Let create a new world for yourselft by way take part in the games– sims 4 cheats in my site. Click link to visit site. Thank you so much. sims 4 skill cheats

    ReplyDelete
  30. Sign in to enter office setup product key. Know how to benefit, download, install, set in movement, uninstall and reinstall MS office setup.
    office.com/setup
    http://officecom-officeoffice.com/
    call us at +1-888-421-9666[tool free]

    ReplyDelete
  31. Great job, I read a lot of blog post and I never heard of a topic like this. This is probably the best, most concise step -by-setup guide I have ever seen.

    office.com/setup ! mcafee.com/activate ! mcafee.com/activate


    ReplyDelete