Install OpenVPN Client¶
apt update apt install openvpn cp "${CONFIG_OVPN}" "/etc/openvpn/client_${REMOTE_NAME}.conf" systemctl enable "openvpn@client_${REMOTE_NAME}" systemctl start "openvpn@client_${REMOTE_NAME}"
Generate Certificate (on Server)¶
You'll probably also want to do the following things:
- Connect the client
systemctl status openvpn@server
echo "${CLIENT_NAME},${CLIENT_IP}" >> /etc/openvpn/ipp.txt
- Setup
/etc/openvpn/ccd/${CLIENT_NAME}
#!/bin/bash -eu # this setup requires user input, and should be done once per client... if [ $# -lt 1 ]; then { echo "usage:" echo " ${0} [client_name]" } >&2 exit 1 fi SERVER_FQDN="vpn.me.com" CLIENT_NAME="${1}"; shift cd /etc/openvpn/easy-rsa/ . vars ./build-key "${CLIENT_NAME}" # see: # /usr/share/doc/openvpn/examples/sample-config-files/client.conf # openvpn(8) cat >"./keys/${CLIENT_NAME}.ovpn" <<EOF client dev tun proto tcp remote ${SERVER_FQDN} 1194 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server comp-lzo verb 3 user nobody group nogroup <ca> $(cat "./keys/ca.crt") </ca> <cert> $(cat "./keys/${CLIENT_NAME}.crt") </cert> <key> $(cat "./keys/${CLIENT_NAME}.key") </key> EOF
Check Status¶
systemctl status 'openvpn@client_*'