- Enterprise Cloud Security and Governance
- Zeal Vora
- 2021-07-02 19:21:12
Installation of OpenVPN
- Install the OpenVPN server:
In this step, you go ahead and install the OpenVPN RPM package available from their official repository. A simple yum install does the job:
~] yum install http://swupdate.openvpn.org/as/openvpn-as-2.1.9-CentOS6.x86_64.rpm
Once the installation is completed, it will give you a message about how you can access the UI for both the admin page and the page that users connect to.
- Set Password for the OpenVPN user:
In order to log in to the admin console, you need to set the password for the openvpn user. Use the passwd utility to set the password; this will be the admin password for your OpenVPN setup.
Once the password is set, go to the admin console by typing the URL that was displayed in step 1. Make sure that you use the public IP address, because in the AWS environment you will generally be shown the private IP address.
On entering the URL, you will be presented with a login screen.
- Configure VPN server:
Once you log in to the server, you will be presented with the overall Status of your OpenVPN server along with various configuration and User Management parameters for you to play around with as an administrator.
One important thing to do initially is to set the Hostname or IP Address of your VPN in the Server Network Settings under the Configuration tab.
- Set up the OpenVPN client:
Once the OpenVPN configuration has been set, you will now look into the client interface through which the users will be connecting. Go to the client login URL that was presented during the installation, and you will be presented with the login screen.
After you log in, you will be presented with certain options that will be required for the client to authenticate. The first option is to download the OpenVPN client for the OS that is being used, and the second important part is to download your profile.
The profile contains all of the important configuration that will allow you to connect to the VPN server. Make sure that you download the profile.
- Connect to VPN Server:
There are different ways to start the OpenVPN client depending on the OS that is being used. For Windows and Mac, there is a GUI client; however, for Linux, we can use the command-line client:
~] sudo openvpn --config kplabs.ovpn
- Verify the connectivity:
You are now connected to the VPN. If we try to ping the private IP of the instance, it should work.
Perfect, it seems to be working fine. Now that you have your basic VPN setup, let's spend some time understanding a few important best practices once you deploy it in production.
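A check worth running on the downloaded profile before the connect step above, given as an added example that is not from the book or from OpenVPN: it flags a profile whose `remote` still points at a private address (the Server Network Settings step was skipped) and a profile file readable by other users. It assumes the profile uses standard `remote` directives and embeds the client key in an inline `<key>` block; the function names and the sample profile are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check a downloaded OpenVPN profile before connecting.

# Succeeds if $1 is an RFC 1918 (private) IPv4 address.
is_private_ip() {
    case $1 in *[!0-9.]*) return 1 ;; esac   # hostnames are not IP literals
    case $1 in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# Prints each distinct host named in the profile's "remote" directives.
profile_remotes() {
    awk '$1 == "remote" && NF >= 2 { print $2 }' "$1" | sort -u
}

# Prints findings for profile $1 and returns the number of problems found.
check_profile() {
    problems=0
    remotes=$(profile_remotes "$1")
    [ -n "$remotes" ] || { echo "FAIL: no remote directive"; problems=1; }
    for host in $remotes; do
        if is_private_ip "$host"; then
            echo "FAIL: remote $host is private; set the public hostname/IP in Server Network Settings"
            problems=$((problems + 1))
        fi
    done
    # Assumption: the profile embeds the client key inline in a <key> block,
    # so group and other must have no access to the file.
    if grep -q '^<key>' "$1" && [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]; then
        echo "FAIL: profile holds a private key but is accessible to group/other"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Writes a constructed sample profile to $1 with server address $2.
write_sample_profile() {
    printf '%s\n' client 'dev tun' "remote $2 1194 udp" "remote $2 443 tcp" \
        '<key>' '(constructed placeholder, not a real key)' '</key>' > "$1"
}

# Demo: a constructed profile whose remote is still the instance's private IP.
demo=$(mktemp)
write_sample_profile "$demo" 10.0.1.25
check_profile "$demo" || echo "profile needs attention before use"
rm -f "$demo"
```

To check a real profile, call `check_profile kplabs.ovpn` and run `chmod 600` on the file if the permission finding appears.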