Creating and Deploying OpenVPN Clients

Every computer device that wants to become part of your OpenVPN Virtual Private Network will need .ovpn credentials generated on the OpenVPN Server. These credentials then must be copied to the client computer before your client machine can join the Virtual Private Network.

To create client credentials, login to your OpenVPN Server as root and issue the following command: ./openvpn-install.sh

Choose option 1 to Add a New User, option 2 to Revoke an Existing User, and option 3 to Delete Your OpenVPN Server. After choosing Option 1, use a descriptive file name to identify the client machine on which the credentials will be deployed, e.g. charleston. Then select the option to create credentials without a password. The script will create charleston.ovpn for you. If the client machine is a non-Windows computer, edit the charleston.ovpn text file and comment out the setenv line: #setenv. If the client machine is a Windows computer, make sure the .ovpn file includes the following lines so that external sites can be accessed from the Windows desktop:

pull-filter ignore redirect-gateway

Then copy the file to the client computer.

Client computers are activated in the VPN by issuing the following command (without backslash) on the client computer where charleston.ovpn is the file containing the client credentials generated on the OpenVPN Server and copied to the client computer: openvpn -\-config charleston.ovpn --daemon

Once you have activated the VPN on the client machine, verify that it’s running with a 10.8.0.x private IP address: ifconfig

You can also check the current listing of running clients by issuing the following command on the OpenVPN Server:

cat /var/log/openvpn/status.log

We recommend keeping a text file with a list of all the created clients including their private IP addresses on every client machine.

  • hostflytekvm
  • oraclepbx
  • crowncloud1
  • pixel3
  • ssdnodes5
  • raspivero2
  • incrediblepbx2020atl
  • system76
  • intelnuc