To set up an OpenVPN server on CentOS 8 in 5 minutes, you will need to have root access to your server and have the EPEL (Extra Packages for Enterprise Linux) repository enabled.
- Install OpenVPN and Easy RSA:
sudo yum install openvpn easy-rsa -y
- Create a directory for your OpenVPN server:
sudo mkdir /etc/openvpn/server
- Copy the sample server configuration file to your OpenVPN server directory:
sudo cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn/server/
- Edit the server configuration file and make any necessary changes, such as specifying the IP address of your server, the port to listen on, and the protocol to use (UDP or TCP).
- Generate the necessary key and certificate files using the Easy RSA script:
cd /etc/openvpn/easy-rsa/
sudo ./easyrsa init-pki
sudo ./easyrsa build-ca nopass
sudo ./easyrsa build-server-full server nopass
sudo ./easyrsa build-client-full client1 nopass
- Copy the generated key and certificate files to the OpenVPN server directory:
sudo cp pki/ca.crt /etc/openvpn/server/
sudo cp pki/issued/server.crt /etc/openvpn/server/
sudo cp pki/private/server.key /etc/openvpn/server/
- Start the OpenVPN server:
sudo systemctl start openvpn@server
- Enable OpenVPN to start at boot time:
sudo systemctl enable openvpn
- Configure your firewall to allow traffic to the OpenVPN server:
sudo firewall-cmd --add-port=1194/udp --permanent
sudo firewall-cmd --reload
You have now set up an OpenVPN server on your CentOS 8 server. You can now proceed to configure the client by using the client configuration files, the client1.crt, client1.key, and ca.crt files in the client’s device.
Please note that this is a basic setup and you should consider additional security measures like hardening the server and using a different authentication method.