Applies to Platform: Linux OS
Updated on: 18th of April, 2012
Scenario
This lesson illustrates how to configure a Linux OpenVPN client to use certificate authentication.
Prerequisites
PC with Linux OS.
Root privileges to install the openvpn community package.
Internet connectivity to download the openvpn community package.
CLIENT INSTALLATION
If you have a Debian-based Linux distribution on your PC, install openvpn by running as root:
root@linux:~# aptitude install openvpn
Otherwise you can consult the man page of the package manager of your linux distribution.
For more information about installation go to http://openvpn.net/index.php/open-source/documentation/install.html
Client Configuration
In your OpenVPN config folder, /etc/openvpn, create a folder called ACME-vpn, then go to /etc/openvpn/ACME-vpn, create a client configuration file called e.g., ACME-vpn.conf, and insert the text below.
client
dev tap
proto udp #only if you use udp protocol
remote IP 1194 #1194 only if your VPN server port is default port
resolv-retry infinite
nobind
persist-key
persist-tun
pkcs12 john.p12 #this is the p12 client certificate
#auth-user-pass #uncomment this row to use two factors authentication
verb 3
comp-lzo
ns-cert-type server
Replace IP above with the public IP of the server.
To create the john.p12 client certificate, please follow this guide, then copy the .p12 file into /etc/openvpn/ACME-vpn/.
Now go to /etc/openvpn/ACME-vpn/ and run as root:
root@linux:~# openvpn ACME-vpn.conf
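Before starting the tunnel, it is worth checking two things in the setup above: that the .p12 file, which contains the client's private key, is readable only by its owner, and that the configuration still verifies the server certificate type. The script below is an added example, not part of the original guide or of OpenVPN; check_vpn_client is a hypothetical helper name, the sample configuration is constructed, and the bundle is assumed to sit in the same folder as the configuration file.

```shell
#!/bin/sh
# Added example; check_vpn_client is a hypothetical helper, not part of OpenVPN.
# Assumes the .p12 bundle sits next to the config, as in /etc/openvpn/ACME-vpn/.
check_vpn_client() {
    conf=$1
    rc=0
    # The first active (uncommented) pkcs12 directive names the bundle.
    p12=$(awk '$1 == "pkcs12" { print $2; exit }' "$conf")
    if [ -z "$p12" ]; then
        echo "FAIL: no pkcs12 directive in $conf"
        return 1
    fi
    case $p12 in
        /*) ;;
        *) p12="$(dirname "$conf")/$p12" ;;
    esac
    if [ ! -f "$p12" ]; then
        echo "FAIL: $p12 not found"
        rc=1
    # The bundle holds the client's private key: group and other need no access.
    elif [ "$(ls -ld "$p12" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $p12 is accessible to group/other; chmod 600 it"
        rc=1
    else
        echo "ok: $p12 is private to its owner"
    fi
    # Without this check any certificate signed by the same CA, including
    # another client's, would be accepted as the server.
    if grep -Eq '^[[:space:]]*(ns-cert-type|remote-cert-tls)[[:space:]]+server' "$conf"; then
        echo "ok: server certificate type is verified"
    else
        echo "FAIL: add 'ns-cert-type server' (or 'remote-cert-tls server')"
        rc=1
    fi
    return $rc
}

# Demo on a constructed sample (192.0.2.10 is a documentation address).
demo=$(mktemp -d)
printf '%s\n' 'client' 'dev tap' 'remote 192.0.2.10 1194' \
    'pkcs12 john.p12' 'ns-cert-type server' > "$demo/ACME-vpn.conf"
: > "$demo/john.p12"                     # empty stand-in for the real bundle
chmod 644 "$demo/john.p12"
check_vpn_client "$demo/ACME-vpn.conf" || true   # reports the loose permissions
chmod 600 "$demo/john.p12"
check_vpn_client "$demo/ACME-vpn.conf"           # both checks pass
rm -rf "$demo"
```

On a real client, call check_vpn_client /etc/openvpn/ACME-vpn/ACME-vpn.conf as root after copying the .p12 file into place.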