Install OpenVPN on CentOS 5

From CSLabsWiki
Revision as of 11:59, 28 April 2011 by Mccarrms

This page summarizes how to perform a basic installation of OpenVPN on CentOS 5. This tutorial assumes you have root/sudo access and have SELinux set to permissive or disabled.

This tutorial is geared towards home users who have a spare system to run OpenVPN on. Windows 7 is used for the client connecting to the VPN, but minor adjustments would allow for a Linux or Mac client.

If you notice a problem with this How-To or would like to provide feedback, please email Matt.

Prerequisites

  • Install CentOS 5
  • Forward UDP port 1194 to the VPN server. This is only necessary if your network has a firewall protecting it.

Install

Add RPMForge Yum Repository

For x86 (32-bit) systems

For x64 (64-bit) systems

Configure iptables

Create iptables_set.sh, chmod +x iptables_set.sh, and run the script.

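  • Note: The following works as written, but you may wish to change the source address 10.10.9.0/24 to a network range that suits your network.

#!/bin/bash
# Flush the filter table, then drop inbound traffic by default and allow outbound
/sbin/iptables -F
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
# Forward replies and traffic from the VPN subnet; reject everything else
/sbin/iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -s 10.10.9.0/24 -j ACCEPT
/sbin/iptables -A FORWARD -j REJECT
# NAT VPN clients out through eth0. The -F above does not flush the nat table,
# so re-running this script appends a duplicate of this rule.
/sbin/iptables -t nat -A POSTROUTING -s 10.10.9.0/24 -o eth0 -j MASQUERADE
# Inbound: SSH, OpenVPN (UDP 1194), ICMP, loopback, the tunnel interface, replies
/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 1194 -j ACCEPT
/sbin/iptables -A INPUT -p icmp -j ACCEPT
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -i tun0 -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Persist the rules across reboots and print the result
/sbin/service iptables save
/sbin/iptables -L -v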
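
To confirm the script above took effect, the following added example (not part of the original page) audits an iptables-save dump for the rules it installs and flags a duplicated MASQUERADE rule, which appears when the script is run more than once because iptables -F only flushes the filter table. The function name audit_vpn_rules and the sample dump are constructed for illustration; the exact rule text printed by iptables-save varies between iptables versions.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump against the rules installed above.
# On the server (as root): iptables-save | audit_vpn_rules 10.10.9.0
# Reads the dump on stdin; $1 is the VPN network address. Returns the failure count.
audit_vpn_rules() {
    net_re=$(printf '%s' "$1" | sed 's/\./\\./g')   # escape dots for grep -E
    dump=$(cat); fails=0
    has()  { printf '%s\n' "$dump" | grep -Eq -- "$1"; }
    fail() { echo "FAIL: $1"; fails=$((fails + 1)); }

    has '^:INPUT DROP' || fail "INPUT policy is not DROP"
    has '^-A INPUT .*-p udp .*--dport 1194 .*-j ACCEPT' || fail "UDP 1194 not accepted"
    has "^-A FORWARD .*-s $net_re/.*-j ACCEPT" || fail "no FORWARD accept for $1"
    has '^-A FORWARD -j REJECT' || fail "FORWARD chain has no final REJECT"
    # iptables -F leaves the nat table alone, so each re-run of the script
    # appends another MASQUERADE rule; expect exactly one.
    n=$(printf '%s\n' "$dump" | grep -Ec -- "^-A POSTROUTING .*-s $net_re/.*-j MASQUERADE" || true)
    [ "$n" -eq 1 ] || fail "expected 1 MASQUERADE rule for $1, found $n"
    return "$fails"
}

# Constructed sample dump (not captured from a real host).
SAMPLE_OK='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.10.9.0/255.255.255.0 -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.10.9.0/255.255.255.0 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
COMMIT'

printf '%s\n' "$SAMPLE_OK" | audit_vpn_rules 10.10.9.0 && echo "ruleset matches the script"
```

If you changed 10.10.9.0/24 in the script, pass your own network address as the argument.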

Configure Kernel

Edit /etc/sysctl.conf

net.ipv4.ip_forward = 1

Make the changes active

  • sysctl -p

Install OpenVPN Server

Install openvpn

  • yum install openvpn