A VPN (Virtual Private Network) service is used for creating an encrypted tunnel between one location (computer) and a remote server (running the VPN service).
All (or part) of the Internet traffic is routed through this tunnel, effectively masking the real location since your computer will have the IP address of the VPN server. All traffic is encrypted so your data remains safe at all times, even if intercepted by a hacker or network administrator. Here we will cover steps to install VPN on your VPS server and connect trough it.
INSTALLING OPENVPN
The installation process is straight forward. Since OpenVPN is not available from the standard CentOS repositories, the first step is to install EPEL and refresh the list of available packages:
You can install OpenVPN package:
We need toinstall EasyRSA, a tool that simplifies the setup of an internal certificate authority (CA) on the server and SSL key generation. The package is also available in the EPEL repository and can be installed with yum:
CONFIGURING OPENVPN
OpenVPN has many configuration options, which can be quite complex. Fortunately, a sample configuration file is provided, with comments that explain the functions of each line. Copy it to the default configuration folder and use it as a base for your own settings file:
Open the file with your favorite text editor; we will use vim in this example. As vim’s default color scheme makes comments difficult to read, you can switch to a different one (with a command like :colorscheme delek):
Start by changing the default port and protocol to 1443 tcp:
Next, you have to modify the location of the certificates that will be used by the server:
The next two lines that have to be uncommented are:
These will create a subnetwork that allocates addresses to client machines. The server will use the first address in the subnet (10.8.0.1), while the first client will be assigned the IP 10.8.0.2.
The most important line that must be uncommented is this one:
It basically instructs client machines to redirect all their traffic through the VPN,<