Need a Minecraft server? BeastNode delivers awesome performance at a great value!


How to Install and Configure an OpenVPN Server on CentOS 6

This guide will provide you with all the steps necessary to install a simple OpenVPN server on CentOS 6.

First, login to the SolusVM control panel for your VPS and enable TUN/TAP from the settings menu.

Now, SSH into your VPS where you'll need to install the Enterprise Linux (EPEL) repository:

yum install -y epel-release

Then install OpenVPN:

yum install -y openvpn easy-rsa

Copy the sample configs to make editing it easier:

cp /usr/share/doc/openvpn-*/sample/sample-config-files/server.conf /etc/openvpn

Open the config file to edit with the required settings:

vi /etc/openvpn/server.conf

- To enable editing in vi, just hit the "i" key on your keyboard.

Find this line and uncomment it by removing the ; at beginning of the line:

push "redirect-gateway def1 bypass-dhcp"

Now scroll down a bit to uncomment these lines:

push "dhcp-option DNS"
push "dhcp-option DNS"

Then scroll down further to uncomment these lines:

user nobody
group nobody

Once the edits are done, save the file and exit vi.
- To save and exit in vi, just hit the "ESC" key on your keyboard to exit editing mode, then type ":x" (without quotes) and hit enter.

Generate RSA Keys and Certificates Using easy-rsa

OpenVPN requires keys and certificates to authenticate users, so follow these steps to do so:
mkdir -p /etc/openvpn/easy-rsa/keys cp -r /usr/share/easy-rsa/2.0/* /etc/openvpn/easy-rsa

Copy the OpenSSL configuration file to the easy-rsa folder:

cp /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf

Now we'll start the build process for the key/certificate. You will be asked to enter various information, so just fill them out to your liking.

cd /etc/openvpn/easy-rsa


source ./vars






./build-key-server server

Then generate the Diffie Hellman key exchange files:



cd /etc/openvpn/easy-rsa/keys


cp dh2048.pem ca.crt server.crt server.key /etc/openvpn

Now create the client ceritificates to allow clients to authenticate with the server:

cd /etc/openvpn/easy-rsa
./build-key client

Configuring iptables and sysctl:
Now to configure your iptables and sysctl to function properly with the VPN:

iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s -j SNAT --to-source
iptables -A FORWARD -s -j ACCEPT
service iptables save

Enable IP forwarding:

vi /etc/sysctl.conf

Set this setting equal to 1:

# net.ipv4.ip_forward = 1

Apply the sysctl settings and start up OpenVPN as well as set it to start up on boot:

sysctl -p
service openvpn start
chkconfig openvpn on

OpenVPN Client for Windows

With your OpenVPN server now online, you'll need to configure your OpenVPN client. You can download it here:

First, find the certificate and key files on your server:

Navigate to this directory to find them:


These are the files you need:


You will need to paste the contents of each file for the next step. To view each file, simply use the command "vi filename" to view them.

Now create a file on your computer named "client.ovpn" and fill in the following:
- "client" is the name of the user (from when you created the key/certificate)
- replace x.x.x.x with your BeastNode VPS IP
- paste the entire contents of each crt and key file from above as specified in the config

dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
verb 3
Contents of ca.crt
Contents of client.crt
Contents of client.key

Now all you need to do to connect to your VPN is to go into the OpenVPN client and do the following:
1. Click on the + (plus) symbol next to "Connection Profiles", select "Local file", click on Import, and navigate to the client.ovpn file you made previously.
2. Enter your desired name for the profile and make sure "Completely trust this profile" is checked, then click Save.
3. You should see the newly added profile in the client window - simply click on it to connect to your VPN and you're all done!

To connect to the VPN on Mac OS X, you can download Tunnelblick and create the .ovpn config file as in the steps above and place it in ~/Library/Application Support /Tunnelblick/Configurations

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

What can I enter for the hostname when ordering?

The hostname is used to identify your VPS (or dedicated server) during the ordering process. It...

How To Set A Hostname For Your BeastNode VPS

To set a host name for your BeastNode VPS running on a RedHat distro (CentOS for example), just...

Common Linux SSH/Shell Commands

This is a list of frequently used Linux SSH/shell commands. It may not apply to all Linux...

How to Login to Your VPS

In this guide, we'll be going over how to login to your VPS via SSH terminal/console....

Accessing your VPS Server using SFTP (Secure FTP)

There are two ways to access your VPS files - SFTP or via SSH commands. SSH commands are for more...