How to connect my Windows client to an OpenVPN server?

Posted: Sun Jul 16, 2023 12:19 pm
by hack3rcon
Hello,
I used the https://www.howtoforge.com/how-to-insta ... debian-10/ tutorial to configure an OpenVPN server on Linux. My OpenVPN configuration file is as follows:

# cat /etc/openvpn/server.conf
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key                              
dh dh.pem
server 10.8.0.0 255.255.255.0               
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0                           
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log         /var/log/openvpn/openvpn.log
log-append  /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1

Then, I started the OpenVPN service:

# systemctl start openvpn@server

And it worked:

# systemctl status openvpn@server
● openvpn@server.service - OpenVPN connection to server
     Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; preset: enabled)
     Active: active (running) since Sun 2023-07-16 07:42:24 EDT; 1min 17s ago
       Docs: man:openvpn(8)
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
   Main PID: 2362 (openvpn)
     Status: "Initialization Sequence Completed"
      Tasks: 1 (limit: 10)
     Memory: 1.4M
        CPU: 30ms
     CGroup: /system.slice/system-openvpn.slice/openvpn@server.service
             └─2362 /usr/sbin/openvpn --daemon ovpn-server --status /run/openvpn/server.status 10 --cd /etc/openvpn --config /etc/openvpn/server>

Jul 16 07:42:24 debian systemd[1]: Starting openvpn@server.service - OpenVPN connection to server...
Jul 16 07:42:24 debian systemd[1]: Started openvpn@server.service - OpenVPN connection to server.

It created a NIC on my server:

# ifconfig
enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.20  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::a00:27ff:fe74:6397  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:74:63:97  txqueuelen 1000  (Ethernet)
        RX packets 597  bytes 63680 (62.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 594  bytes 47394 (46.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 5640  bytes 17516906 (16.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5640  bytes 17516906 (16.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.1  netmask 255.255.255.255  destination 10.8.0.2
        inet6 fe80::4f45:bad7:c6a2:8e50  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7  bytes 336 (336.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

I have a series of questions:
1- Is the Diffie-Hellman algorithm enough?

2- In the tutorial, the author used "nopass" with the easyrsa tool. Is this option recommended? Is this so that the client doesn't have to enter a password to connect to the server?

3- How about the following IP addresses? What alternatives can I use?

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"

4- I have a Windows OS client and I want to connect it to my OpenVPN server. In the tutorial, the client configuration is as follows:

client
dev tun
proto udp
remote 192.168.1.20 1194                # Linux Server IP
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-CBC
verb 3

I created a .ovpn file with the above lines and copied it to the C:\Program Files\OpenVPN\config folder. How about the client keys that are on my server? In which folder should I copy them?


Thank you.
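
On question 4: OpenVPN also accepts the four files named in the client configuration (ca, cert, key, tls-auth) as inline blocks inside the .ovpn itself, so a single file can carry everything the client needs. The following is an added example, not part of the original post or the tutorial; `inline_profile` and `demo` are hypothetical names, and the file contents are constructed placeholders rather than real key material.

```python
import tempfile
from pathlib import Path

# Directives in the post's client config whose file argument OpenVPN also accepts inline.
INLINE = ("ca", "cert", "key", "tls-auth")
# The client configuration from the post (comment on the remote line dropped).
CLIENT_CONF = """client
dev tun
proto udp
remote 192.168.1.20 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-CBC
verb 3
"""

def inline_profile(config_text, base_dir):
    """Replace ca/cert/key/tls-auth file references with inline <tag> blocks."""
    out, blocks = [], []
    for line in config_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] in INLINE:
            path = Path(base_dir) / parts[1]
            if not path.is_file():
                raise FileNotFoundError(f"{parts[0]} references missing file {path}")
            blocks.append(f"<{parts[0]}>\n{path.read_text().strip()}\n</{parts[0]}>")
            # An inline block cannot carry the direction argument of "tls-auth ta.key 1",
            # so the direction is kept as a separate key-direction line.
            if parts[0] == "tls-auth" and len(parts) >= 3:
                out.append(f"key-direction {parts[2]}")
            continue
        out.append(line)
    return "\n".join(out + blocks) + "\n"

def demo():
    """Build a profile from constructed placeholder files (not real key material)."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("ca.crt", "client.crt", "client.key", "ta.key"):
            (Path(d) / name).write_text(f"PLACEHOLDER {name}\n")
        return inline_profile(CLIENT_CONF, d)

if __name__ == "__main__":
    print(demo())
```

Because the client key in the tutorial was generated with "nopass", a profile built this way contains an unencrypted private key and should be handled like the key file itself.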