Setting up an OpenVPN server on CentOS 7 is a relatively straightforward process that can be completed in just a few minutes. The steps are:
- Install the OpenVPN package by running the following commands:
sudo yum install epel-release
sudo yum install openvpn
- Create a directory to store the server configuration files:
sudo mkdir -p /etc/openvpn/server
- Generate the TA key for the server. This is a static shared key that the server and its clients both hold, not a public/private key pair:
sudo openvpn --genkey --secret /etc/openvpn/server/ta.key
- Create a server configuration file by copying the sample configuration file:
sudo cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn/server/
- Edit the server configuration file to suit your needs. You can configure the server’s IP address, port, and encryption settings. You should also add the path to the TA key file that was generated in step 3.
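- Enable and start the OpenVPN service. The openvpn-server@ unit is used because it loads its configuration from /etc/openvpn/server/, where server.conf was placed above; openvpn@server would look for /etc/openvpn/server.conf instead:
sudo systemctl enable openvpn-server@server
sudo systemctl start openvpn-server@server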
- Open the firewall ports for OpenVPN traffic:
sudo firewall-cmd --add-service openvpn
sudo firewall-cmd --permanent --add-service openvpn
- Create a client configuration file and distribute it to your users. The client configuration file should include the server’s IP address or hostname, port, and encryption settings. You should also add the path to the TA key file that was generated in step 3.
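The server and client configuration steps both point at the same TA key file. The script below is an added example, not part of the original guide: it checks a server/client config pair for the tls-auth convention used in OpenVPN's sample configs (direction 0 on the server, 1 on the client) and for a key file readable only by its owner. The function names, the temporary files and vpn.example.com are constructed for illustration, and relative key paths are assumed to resolve against the config file's directory.

```shell
#!/bin/sh
# Added example, not from the original page. Assumption: a relative key path in
# tls-auth is resolved against the directory that holds the config file.

# Print "<keyfile> <direction>" from the first active tls-auth line.
tls_auth_of() {
    awk '$1 == "tls-auth" { print $2, ($3 ~ /^[01]$/ ? $3 : "none"); f = 1; exit }
         END { exit !f }' "$1"
}

# Succeed only if the key exists and grants nothing to group or others.
key_is_private() {
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# check_role CONF EXPECTED_DIRECTION LABEL: print findings, return 1 if any.
check_role() {
    bad=0
    line=$(tls_auth_of "$1") || { echo "$3: no tls-auth directive"; return 1; }
    key=${line% *}; dir=${line##* }
    case $key in /*) ;; *) key=$(dirname "$1")/$key ;; esac
    [ "$dir" = "$2" ] || { echo "$3: key direction $dir, expected $2"; bad=1; }
    key_is_private "$key" || { echo "$3: $key missing or not owner-only"; bad=1; }
    return $bad
}

# The server side uses direction 0 and the client side direction 1.
check_pair() {
    rc=0
    check_role "$1" 0 server || rc=1
    check_role "$2" 1 client || rc=1
    return $rc
}

# Constructed sample pair: the client reuses direction 0 and a 0644 key.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/server" "$d/client"
    printf 'port 1194\ntls-auth ta.key 0\n' > "$d/server/server.conf"
    printf 'remote vpn.example.com 1194\ntls-auth ta.key 0\n' > "$d/client/client.ovpn"
    : > "$d/server/ta.key"; chmod 600 "$d/server/ta.key"
    : > "$d/client/ta.key"; chmod 644 "$d/client/ta.key"
    check_pair "$d/server/server.conf" "$d/client/client.ovpn"; rc=$?
    rm -rf "$d"; return $rc
}

demo || echo "tls-auth problems found in the sample pair"
```

To check real files, call check_pair with the paths of the server config and of the client config you are about to distribute.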
Once you’ve completed these steps, your OpenVPN server should be up and running. You can test the connection by installing the OpenVPN client on a test machine and connecting to the server using the client configuration file.
Note that this is a basic OpenVPN setup and should be customized based on your needs, including adding security measures such as two-factor authentication and/or hardening the OpenVPN server.