Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security How To

Configuring the Client Side OpenVPN Machine

Setting up the client OpenVPN machine is Just like the server: create the directories for the certificates and keys; copy them over; and secure them appropriately. The client side OpenVPN configuration is a bit more sparse than the server's, since the server will be responsible for "pushing" the proper configuration settings to the client after connection.

#
# SmallNetBuilder OpenVPN Client Configuration
#

# Instructs OpenVPN to run in client mode, requests IP address and
# special instructions (like routes) from the server. 
client

# Interface for tunnel
dev tun0

# Remote server to connect to. Can be domain name or IP address.
remote smallnetbuilder.com

# Certificates and keys required for connection
ca /etc/openvpn/certs/ca.crt
cert /etc/openvpn/certs/remote_office.crt
key /etc/openvpn/keys/remote_office.key

# Symmetric cipher - Must be the same as the server's
cipher BF-CBC

# Protocol and Port - Must be the same on both server and client.
proto udp
port 1194

# Log to file instead of syslog
log-append /var/log/openvpn.log
verb 4

# Since the OpenVPN client is acting as a gateway for other machines
# on the client-side network, run as a daemon and downgrade user
# priviledges.
user nobody
group nobody
daemon

# Use a persistent key and tunnel interface.
persist-tun
persist-key

Configuring the Client Side Router

Just like the server-side setup, all the machines on the OpenVPN client's network also need to know how to reach the server's network (10.1.1.0/24). Add a route that directs all traffic destined for the server's network to the OpenVPN client machine (192.168.1.2). On the WRT54G it's under Setup > Advanced Routing (Figure 4).

Adding a Route to the Client-side Router
Click to enlarge image

Figure 4: Adding a Route to the Client-side Router

Finally, connect the client up to the OpenVPN server with:

 ~ # openvpn --config /etc/openvpn/client.conf

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Split-horizon DNS, split-view DNS, split-brain DNS, or split DNS is the facility of a DNS implementation to provide different sets of DNS information ...
Hi,Is it possible to do inbox replace/upgrade to any newer QNAP or any other DIY NAS version?I would like to replace the h/w with the better one and u...
Hello, been reading for a long time, got 6x RT-AC68U with 384.17No problems but an annoying issue, so lets jump in at the deep end. 4g providers are m...
Since today I get the "curl: (60) SSL certificate problem: certificate has expired" error on one site:Code: # curl -v https://www.myip.ms/files/black...
I'm in a special situation and any idea might help me a lot.I have an EA2750 router (I don't remember the exact firmware version, but it's one of the ...

Don't Miss These

  • 1
  • 2
  • 3