The steps are as follows:
Please note that {root@centos8:~ }$ is my shell prompt and is not part of actual commands. In other words, you need to copy and paste command after my shell prompt.
Step 1 – Update your system
Run the dnf command or yum command to install CentOS 8 security updates:{root@centos8:~ }$ sudo dnf update
OR{root@centos8:~ }$ sudo yum update
Next, install tar on CentOS and also install wget on CentOS 8{root@centos8:~ }$ sudo yum install tar wget
Step 2 – Find and note down your server’s IPv4 or IPv6 address
Use the ip command as follows:{root@centos8:~ }$ ip a
{root@centos8:~ }$ ip a show eth0
We can try the following dig command/host command to find out your public IP address from Linux command line:{root@centos8:~ }$ dig +short myip.opendns.com @resolver1.opendns.com
OR{root@centos8:~ }$ dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2 }'
Sample outputs:
172.105.120.133
Please note down 172.105.120.133 IP address. You need to replace this one with your actual IPv4.
A note about your IPv4 and IPv6 address
Most cloud servers have two types of IP address:
- Public static IP address directly assigned to your box and routed from the Internet. For example, Linode, Digital Ocean, and others give you direct public IPv4/IPv6 address.
- Private static IP address directly attached to your server and your server is behind NAT with public IP address. For example, AWS EC2/Lightsail, Google Cloud and others provide you this kind of NAT public IP address.
The script will automatically detect your networking setup. All you have to do is provide a correct IPv4 or IPv6 address when asked for it. Hence, we used the above command to determine our IP address in advance.
Step 3 – Download and run centos-8-vpn.sh script
I am going to use the wget command:{root@centos8:~ }$ wget https://raw.githubusercontent.com/Angristan/openvpn-install/master/openvpn-install.sh -O centos-8-vpn.sh
Make sure you set up permissions using the chmod command:{root@centos8:~ }$ chmod +x centos-8-vpn.sh
One can view the script using a text editor such as vim/vi too :{root@centos8:~ }$ vim centos-8-vpn.sh
Installing OpenVPN server on CentOS 8 Linux using the centos-8-vpn.sh
Now all you have to do is run shell script on Linux:{root@centos8:~ }$ sudo ./centos-8-vpn.sh
Sample session from my Linode cloud server with direct public IPv4 address:
Sample session from AWS/Lightsail where my cloud server is behind NAT:
Desktop or Mobile client configuration
When VPN server configuration done, we can create a desktop/mobile client VPN configuration file. You will be prompted as follows:
How do I start/stop/restart OpenVPN server on CentOS 8 ?
#--- Stop the server ---#
{root@centos8:~ }$ sudo systemctl stop openvpn-server@server.service
#--- Start the server ---#
{root@centos8:~ }$ sudo systemctl start openvpn-server@server.service
#--- Restart the server ---#
{root@centos8:~ }$ sudo systemctl restart openvpn-server@server.service
#--- Get the server status ---#
{root@centos8:~ }$ sudo systemctl status openvpn-server@server.service
Step 4 – Connect an OpenVPN server using IOS/Android/Linux/MS-Windows client
On server your will find a client configuration file called ~/DesktopVPNClient.ovpn. All you have to do is copy this file to your local desktop using the scp command:{root@centos8:~ }$ scp vivek@172.105.120.136:~/DesktopVPNClient.ovpn .
Next, provide this file to your OpenVPN client for connection purposes:
- Download Apple iOS client from Apple App store
- Grab Android client from Google Play store
- Apple MacOS (OS X) client
- Microsoft Windows 8/10 client
OpenVPN Linux desktop client configuration
First, install the openvpn client for your desktop, enter:{root@centos8-client:~ }$ sudo yum install openvpn
For Debian/Ubuntu Linux try the apt command/apt-get command:{root@debian-client:~ }$ sudo apt install openvpn
Next, copy DesktopVPNClient.ovpn as follows:{root@centos8-client:~ }$ sudo cp DesktopVPNClient.ovpn /etc/openvpn/client.conf
Test connectivity from the CLI:{root@centos8-client:~ }$ sudo openvpn --client --config /etc/openvpn/desktop.conf
Our Linux desktop system will automatically connect when computer restart using openvpn script/service:{root@centos8-client:~ }$ sudo systemctl start openvpn@client
Step 5 – Verify/test the connectivity
Execute the following commands after connecting to OpenVPN server from your Linux desktop client:#Ping to the OpenVPN server gateway
{root@centos8-client:~ }$ ping 10.8.0.1
#Make sure routing setup working
{root@centos8-client:~ }$ ip route
#Must return public IP address of OpenVPN server
{root@centos8-client:~ }$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
Step 6 – How to add or remove OpenVPN client
Log in to your CentOS 8 Linux server and run the script again:{v@centos8:~ }$ sudo ./centos-8-vpn.sh
You will see option as follows:
Welcome to OpenVPN-install! The git repository is available at: https://github.com/angristan/openvpn-install It looks like OpenVPN is already installed. What do you want to do? 1) Add a new user 2) Revoke existing user 3) Remove OpenVPN 4) Exit Select an option [1-4]:
Choose an option as per your needs.
0 $type={blogger}:
Post a Comment