[Pacific Spirit]

Yes . that is a solid reason. i do open a ticket for it. i ll be back when i got confirmation. i also request you to kindly share with me full automated script for openvpn installer with easy-rsa key encryption.

OpenVPN is an open source virtual private network (VPN) software. Follow the steps below to configure OpenVPN on CentOS:

1. Install dependencies:

# yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel



2. Get OpenVPN:

# wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm

# wget http://dag.wieers.com/rpm/packages/rpmfo...x86_64.rpm

3. Prepare to install:

# rpmbuild --rebuild lzo-1.08-4.rf.src.rpm

# rpm -Uvh /usr/src/redhat/RPMS/x86_64/lzo-*.rpm

# rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

4. Install OpenVPN:

# yum install openvpn

5. Copy the OpenVPN directory:

# cp -r /usr/share/doc/openvpn-2.2.0/easy-rsa/ /etc/openvpn/

6. Build SSL keys. When prompted for key information, you can simply press enter to bypass:

#cd /etc/openvpn/easy-rsa/2.0

#chmod 755 *

#source ./vars

#./vars

#./clean-all

#./build-ca

#./build-key-server server

#./build-dh

7. Create the OpenVPN config:

# cd /etc/openvpn

# vi server.conf

Copy the following sample config into the document, edit the IP address and port to your main IP address and desired port, then press ESC, then :wq and enter to save and exit the document.

local 123.123.123.123 #- change it with your server ip address

port 1234 #- change the port you want

proto udp #- protocol can be tcp or udp

dev tun

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt

cert /etc/openvpn/easy-rsa/2.0/keys/server.crt

key /etc/openvpn/easy-rsa/2.0/keys/server.key

dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login

client-cert-not-required

username-as-common-name

server 10.8.0.0 255.255.255.0

push "redirect-gateway def1"

push "dhcp-option DNS 208.67.222.222"

push "dhcp-option DNS 4.2.2.1"

keepalive 5 30

comp-lzo

persist-key

persist-tun

status server-tcp.log

verb 3



8. Start OpenVPN:

# openvpn /etc/openvpn/server.conf

Check that it returns "Initialization Sequence Completed." If so, press ctrl-c to quit.

9. Setup NAT rules:

# echo 1 > /proc/sys/net/ipv4/ip_forward

# iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 0.0.0.0

(Modify "0.0.0.0" to your server's IP)

Create a user to login to the VPN with:

#useradd username -s /bin/false

#passwd username



10. Create an OpenVPN config file on your local machine with name vpn1.ovpn, copy the sample below with your IP and port, and place it in your OpenVPN configurations folder:

client

dev tun

proto udp

remote 123.123.123.123 4567 #- your OPENVPN server ip and port

resolv-retry infinite

nobind

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

persist-key

persist-tun

ca ca.crt

auth-user-pass

comp-lzo

verb 3

11. Download ca.crt from /etc/openvpn/easy-rsa/2.0/keys to the same OpenVPN configs folder.

12. Start the VPN on the VPS:

# openvpn /etc/openvpn/server.conf

Log in to the VPN from your local machine (using OpenVPN or another desktop client) with the username/password you created.