HomeGuide

How to Use and Configure OpenVPN

On by

If you are lucky enough to have a job that only requires a computer and an internet connection, you may be able to telework, here are some tips on teleworking.

In this way you will most likely need to access your office remotely, to your home or to the place where you have the necessary resources to carry out your function, whether they are repositories or a shared folder.

How to Use and Configure OpenVPN

How to Use and Configure OpenVPN

All of this can be done with a Virtual Private Network or VPN connection. In this guide, we are going to show you how to set up your own VPN server and connect to it using a VPN client.

By creating a VPN connection we will simulate that we are connected to the local network of the device that acts as the server.

So if we have the VPN server at home it will be the same as if we were there in terms of resources, we can print with our printer, use our connection to the internet or connect to equipment that we have in our local network. Also with a VPN we can access the internet using our local connection.

There are many clients/servers for VPN connections, we are going to use OpenVPN for both the server and the client. OpenVPN is free software that also works wonderfully without spending a penny on subscriptions, with it we will have the services we need for a standard VPN connection.

Its software is used to configure the server and the client, in addition to Windows, with OpenVPN you have a client for Mac, Linux or even to set up your own VPN on a Synology NAS.

How to Install the OpenVPN Server and its Certificates in Windows 10

OpenVPN’s software to create your home server with Windows 10 is free, although the company offers other types of services with a subscription model such as connecting to the company’s own VPN servers for a few dollars a month.

But we are going to use the software to connect to our home, office or wherever we are going to create the server with Open VPN, let’s see how to do it step by step.

  1. We download the OpenVPN software, in this case, version 2.4.8 for Windows 10 which will serve as the server for your website, we select this version below and download it.
  2. Once downloaded, click on it to install it, click on Next and I Agree and in the next window, we make sure that the EasyRSA 2 Certificate Management Scripts option that is at the end of the list will be installed.
  3. We click Next to finish the installation, we follow the steps on the screen. It is possible that a message appears at the end of the installation indicating that there is no configuration file, we simply click on Accept.
  4. Once OpenVPN is installed, click on the Windows magnifying glass to look for Command Prompt and right-click to select Run as administrator.
  5. Now we have to look for the folder where OpenVPN has been installed, we go to C:\Program Files\OpenVPN\easy-rsa simply by typing cd “C:\Program Files\OpenVPN\easy-rsa” .
  6. Now we start the configuration of the OpenVPN server, type init-config and press enter.
  7. We edit the file that has just been created vars.bat, we can directly write Notepad vars.bat and press enter, Notepad will open with the file to edit.
  8. Inside the vars.bat file, at the end, we will have some data to change, from COUNTRY to EMAIL we add our data, save and exit.
  9. Now from the terminal, we execute the vars command and then we execute clean-all. Now we are going to build the certificates and the authenticity keys to be able to connect to the server in a secure way, we will continue using the terminal so it is better not to close it. Let’s see how to do this easily.
    1. In our Command Prompt and type build-ca and press enter to run it.
    2. Now we will be asked for some data for the configuration file, since we have already filled them in previously we can press enter to go to the next one and when Common Name appears we will have to write the name we want to give our server.
    3. Now we will generate the certificate and the key for the server, we write build-key-server and the name that we have given to the server in the Common Name section, in our case it would be build-key-server Geeknetic.
    4. It will ask us for some extra data, we press enter until we reach the question Sing the certificate? [y/n]: where we must answer Yes by typing Y and pressing enter, this is used to sign the certificate and make it trustworthy. We write Y again and press enter to finish signing the certificate.

All that remains is to encrypt the files so that the connection is secure. We type build-dh and press enter These are the necessary steps to be able to later configure our server with OpenVPN.

OpenVPN Server Configuration in Windows 10

The time has come to configure our server, the VPN configuration is done through a configuration file, OpenVPN has an example file and on this we will modify the necessary parameters in addition to adding the keys that we have previously generated. Let’s see how to do all this.

  1. We open Start and look for the folder where OpenVPN has been installed, click on Open VPN Sample Configuration Files and the folder where the sample configuration files are located will open.
  2. We copy the server.ovpn file to the OpenVPN config folder at C:\Program Files\OpenVPN\config .
  3. We edit the server.ovpn file we are going to use Atom, although you can use any text editor.
  4. We locate the lines ca ca.crt, cert server.crt and key server.key and change them to:ca “C:\\Program Files\\OpenVPN\\config\\ca.crt”cert “C:\\Program Files\\OpenVPN\\config\\server.crt”key “c:\\Program Files\\OpenVPN\\config\\server.key”,

    remember to include the quotes and that server is the name you gave in Common Name above.

  5. Now we do the same with the following line dh dh2040.pem we modify it:dh “C:\\Program Files\\OpenVPN\\config\\dh2048.pem”.
  6. We save our configuration file server.ovpn.
  7. Now we go to the folder C:\Program Files\OpenVPN\bin by typing cd “C:\Program Files\OpenVPN\bin” and pressing enter.
  8. We create the missing key for the server by typing the command openvpn –genkey –secret ta.key and pressing enter.
  9. Now we only need to copy all the files created to the same folder of the server configuration file, We copy the ta.key file that is in the same bin folder and paste it in the OpenVPN config folder.
  10. We do the same with the ca.crt server.crt and server.key files that are in the OpenVPN Easy-rsa folder.

We already have everything necessary for our OpenVPN server to work correctly.

Start the OpenVPN server

We have carried out all the necessary steps to configure the OpenVPN server in Windows, now we just need to run it and leave it working to connect to it from a client, we will show you this a little below.

  1. Open start and go to the OpenVPN folder.
  2. Select OpenVPN GUI to start OpenVPN.
  3. Since it only has one configuration file and it is the server’s, we can directly connect, for this we go to the OpenVPN icon and right-click on connect.
  4. If we have done everything correctly, in a few seconds our server will be connected.

So that we do not have a problem, the ideal is to open the VPN connection automatically when you log in with Windows. Now we only have to connect the clients that we want to our OpenVPN server that we have created, let’s see how to configure a client to access the server.

How to connect to the VPN with the OpenVPN client

Once we have the server running and connected, we will only have to connect to it, for that we are going to configure the OpenVPN client.

This process is much easier than the previous one. For the client, we will use the same software as for the server, plus you also need to install EasyRSA 2 and its corresponding keys and certificates. First of all, we are going to generate these keys, for this we have to do it on the server.

  1. We go to the Windows magnifying glass and write Command Prompt and right-click to run it as administrator.
  2. We go to the folder where easy-rsa is by typing cd “C:\Program Files\OpenVPN\easy-rsa” and press enter.
  3. Once inside we write the command vars when pressing enter nothing should appear.
  4. Now we execute build-key and then we will write the name of the client that is going to connect to the server, in our case we write build-key geekcliente and press enter.
  5. Press enter to leave the data that we had added at the beginning until we reach the Common Name option where we will have to write the name of the client.
  6. We continue pressing enter to leave the data as it was until it asks us if we want to sign the certificate, we write and, confirm again with and.

Once the certificates are created, we save them in some medium to be able to transport them to the client’s computer, for example, a USB drive, the files we need are:

  • ca.crt
  • ta.key
  • clientname.crt (in our case geekclient.crt)
  • clientname.key (in our case geekclient.key)

Now we will have to install the OpenVPN software on the client’s computer, in this case, we can follow the previous steps since it requires the same configuration as the server:

  1. We download the OpenVPN version 2.4.8 software for Windows 10 that will serve as the server for your website, we select this version that is below and download it.
  2. Once downloaded, click on it to install it, click on Next and I Agree and in the next window we make sure that the EasyRSA 2 Certificate Management Scripts option is checked at the end of the list so that it is installed together with OpenVPN.
  3. We click Next to finish the installation, we follow the steps on the screen. It is possible that a message appears at the end of the installation indicating that there is no configuration file, we simply click on Accept.
  4. We copy the files that we have previously generated and that we have saved in the corresponding drive in the C:\Program Files\OpenVPN\config folder, remember that we are already working on the client computer.
  5. We copy the sample configuration file client.ovpn from the C:\Program Files\OpenVPN\sample-config folder to the C:\Program Files\OpenVPN\config folder and rename it to Common Name.
  6. We edit the configuration file that we have renamed to change some parameters.
  7. We add the IP address of the server, in case of having a DDNS service we will put this address.
  8. Now we modify the lines with the keys and certificates that we have added to the client.ca “C:\\Program Files\\OpenVPN\\config\\ca.crt”cert “C:\\Program Files\\OpenVPN\\config\\geekclient.crt”key “C:\\Program Files\\OpenVPN\\config\\geekclient.key”and save the configuration file

If we have followed the steps correctly, we will only have to start OpenVPN GUI on the client computer and connect, in a few seconds we will verify that the connection is correct and that our client has connected to the OpenVPN server.

OpenVPN allows us to both create and connect to a VPN

If you want to set up your own VPN with OpenVPN you will have everything you need for free. The procedure to create your server can be somewhat cumbersome.

However, having a secure connection to use the internet is worth it in certain crowded places where security may be an issue. This way we can connect to the OpenVPN server and use that internet connection.

It will also help us to share resources, whether they are hardware or software, for example, printing a document on our local printer to pick it up when we go home, if we do it on the go it is a way of not forgetting each other. We can also use a hard drive connected to the network to copy any document that we need.

Leave a Reply

Your email address will not be published. Required fields are marked *