Generate client certifictes with OpenVPN server
Before configuring client, I must generate some client files in the server.1
2
3cd /etc/openvpn/easy-rsa
source vars
./build-key client
If you have some different devices, you can :1
2
3./build-key client1
./build-key client2
./build-key clientx
After generating keys, we need to copy ca.crt , client.crt and client.key from server to client.
Configure OpenVPN client
Generate client configuration
Details are as follows:1
2
3
4
5
6
7
8
9
10
11
12
13
14client
dev tun # the same as server
proto udp #the same as server
remote vpn.server.hostname 7000
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
verb 3
ca ca.crt
cert client.crt
key client.key
comp-lzo
Ubuntu Client
Save the above configuration as “client.conf” in the path: /etc/openvpn, and Copy ca.crt , client.crt and client.key to /etc/openvpn/. Finally,1
/etc/init.d/openvpn start
Windows Client
Download OpenVPN Client software via the link. There is an old version client in my github.
After the client software installation, we can copy ca.crt , client.crt and client.key to installation_diretory/config. Start your OpenVPN, Right-click the OpenVPN icon on the taskbar and choose correct configuration to connect your server.
Android device
If you use a portable device, you should modify your configuration as following the link.
You can download the client software from Google Play. Also, you can download an old version client from my github.
After installing the client, you can import configuration file to client and enjoy it.
OpenWRT router
you can copy your client.conf to /etc/openvpn. ou also must edit /etc/config/openvpn, the content is as follows:1
2
3
4config openvpn custom_config
option enable 1
option config /etc/openvpn/client.conf
......
start your openvpn:1
/etc/init.d/openvpn start
If you want to realize the self-starting function when your router is on:1
/etc/init.d/openvpn enable