How To Setup VPN With OpenVPN on Windows Print

  • 0

Setting up an OpenVPN server on Windows

 

This is a step-by-step guide on how to configure an Open VPN server on Windows operating systems and connect clients to the created virtual private network.

 

Download & Installation of OpenVPN Server

 

Download and install the OpenVPN server on your operating system. Make sure all features will be installed while installing VPN server.

 

When installing OpenVPN on the sever you need to choose manual installation because default installation will skip the necessary features.

 

There are two features that required to create Open VPN server are OpenVPN service and OpenSSL.

 

 

 

To configure the OpenVPN server, You need to use the command line. Remember to open a command prompt with administrative privileges.

 

First, you need to navigate to the easy rsa directory of OpenVPN. To navigate this directory please use the below command in CMD.

 

cd "C:\Program Files\OpenVPN\easy-rsa"

 

Next, you run the file EasyRSA-Start.bat located in easy-rsa directory.

 

EasyRSA-Start.bat

 

 

We start configuring OpenVPN with the initialization command.

 

./easyrsa init-pki

 

Now you create a neccsary files for open VPN

 

./easyrsa build-ca nopass

 

OpenVPN server will need four files included ca.rt, server.crt. server.key, dh.pem. These commands to generate the certificate and key files for the server.

 

./easyrsa build-server-full server nopass

 

 

Now we will create a file dh.pem, which encrypts the data by following command.

 

./easyrsa gen-dh

 

 

We need below mentioned files that need to be copied to the config, and config auto  folder C:\Program Files\ OpenVPN\config & C:\Program Files\ OpenVPN\config auto

 

1.  C:\Program Files\ OpenVPN\easyrsa\pki\ca.crt

 

2. C:\Program Files\ OpenVPN\easyrsa\pki\dh.pem

 

3. C:\Program Files\ OpenVPN\easyrsa\pki\Issued\server.crt

 

4. C:\Program Files\ OpenVPN\easyrsa\pki\private\sever.key

 

Next, Open a notepad with administrative rights and create a text file with the content as below:

 

=====================

 

port 1194

 

proto udp

 

dev tun

 

ca ca.crt

 

cert server.crt

 

key server.key

 

dh dh.pem

 

server 10.20.30.0 255.255.255.0

 

push "redirect-gateway def1"

 

ifconfig-pool-persist ipp.txt

 

keepalive 10 120

 

comp-lzo

 

persist-key

persist-tun

 

status openvpn-status.log

 

verb 3

====================

 

Please note that the list of the file names in above content to must match of the files that we created in the previous steps:

 

 

Next, save the file with the ovpn extension and save it in the config auto folder of OpenVPN (e.g server.ovpn). You can refer to the below directory.

 

C:\Program Files\ OpenVPN\config auto

 

 

Allow OpenVPN to window firewall

 

You need to allow port 1194 UDP protocol to bypass windows firewall. If you don't know how to allow port. You can refer to this knowledgebase of How to Open/Close port on WIndows Server.

 

Enable Internet Connection Sharing (ICS) in Server Window

 

First you need to set Routinf and Remote Access service as Automatic. Please folloe below steps:

 

  • Start -> Right-click My Computer -> Manage
  •  
  • Services
  •  
  • Right-click Routing and Remote Access -> Properties -> Automatic
  •  
  • Right-click Routing and Remote Access -> Start

 

 

You have now enabled and started the routing and remote access service.

Next,

 

Please follow below steps to enable your ICS.

  •  
  • Control Panel
  •  
  • Network and Sharing Center
  •  
  • Local Area Connection
  •  
  • Properties
  •  
  • Sharing
  •  
  • Tick the box "Allow other network users to connect through this computer's Internet connection"
  •  
  • From the drop-down list select "Local Area Connection 2", or whatever is the connection name of your TAP server connection.

 

Enable IP Routing

 

find the directory HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Tcpip \ Parameters. In the right part of the window, find the IPEnableRouter variable, double-click into the value editing window and change it to 1, thereby allowing addressing on the VPS.

 

 

 

Restart the  OpenVPN Service

 

The last step on the OpenVPN server is to restart the OpenVPN service with the comman as below:

 

net stop openvpnservice

 

net start openvpnservice

 

 

Create a Client of OpenVPN

 

We return to the command window to create the neccesary files for the OpenVPN client by following client.

 

./easybuild-client-full client01 nopass

 

 

On the OpenVPN client, we need three files including ca.rt, client01.crt and client.key. After  run the command we need to copy these files to any specific folder for cilent usage.

 

We need the below-mentioned files that need to be copied and send these file openVPN cilent so that it can connect to the openVPN server.

 

1.  C:\Program Files\ OpenVPN\easyrsa\pki\ca.crt

 

 

2. C:\Program Files\ OpenVPN\easyrsa\pki\Issued\client01.crt

 

3. C:\Program Files\ OpenVPN\easyrsa\pki\private\client01.key

 

You have many ways to send these files like email, cloud transfer etc. Through this method you can create multiple clients.

 

 

Configure OpenVPN client 

 

You can download and install the OpenVPN server on your operating system. But when you installing you just need to choose the default setting.

 

 

Next, you need to navigate C:\Program FIles\OpenVPN\config . You can copy the cilent files that you send previously to client and paste it into config folder on client system. FIles including ca.crt, client01.crt, and client01.key.

 

 

Next, Open a notepad with administrative rights and create a text file with the content as below:

 

===================

client

 

dev tun

 

proto udp

 

remote your_domain/IP 1194

 

resolv-retry infinite

nobind

persist-key

persist-tun

 

ca ca.crt

cert client01.crt

key client01.key

 

comp-lzo

 

verb 3

=============

 

 

In above text, you need to enter your server IP/Domain. For example: remote 192.168.X.X 1194

 

Please note that the list of the file names in above content to must match of the files that we created in the previous steps:

 

 

Next, save the file with the ovpn extension and save it in the config auto folder of OpenVPN (e.g client.ovpn). You can refer to the below directory.

 

C:\Program Files\ OpenVPN\config

 

 

After saving the files you need to start your client VPN as below screenshot:

 

 

In taskbar, you can see a openVPN client icon, right click on this icon and click on connect button you will see below window.

 

 

After some moments, You can connect to your OpenVPN server. Thank you for reading.

 

 


Was this answer helpful?

« Back

Powered by WHMCompleteSolution