Configuring Linux Clients First, copy the appropriate key sets from the server to the /etc/openvpn directory

on each of the clients. If the client machines arent locally available, then make the transfers via a secure means, such as SFTP. For example, for client 1 copy the following files: client1.crt client1.key ca.crt Note: The same ca.crt file gets copied to each client. Be sure that you dont copy the ca.key file to any clients, or else server security will be compromised. On each client, copy the client.conf file from the /usr/share/doc/openvpn2.0.9/sample-config-files/ directory to the /etc/openvpn directory. Open the file for editing. Scroll down until you find the line: remote my-server-1 1194 Change the my-server-1 part to the actual IP address of your OpenVPN server. For example, if the IP address of your servers eth0 interface is 216.33.19.3, then the line will become: remote 216.33.19.3 1194 Next, scroll down until you find the lines: ca ca.crt cert client.crt key client.key Change these lines to match the client-key files that you transferred from the server. For client 1, these would become:

ca ca.crt cert client1.crt key client1.key Uncomment the line, ;ns-cert-type server by removing the preceding semi-colon. Uncomment the ;cipher x line, and change the x to match the cryptographic method that you set up in the server configuration. For example, if you chose the Blowfish method in the server configuration, then change this line to: cipher BF-CBC Save the file and exit the text editor. To test, start up OpenVPN on the server, and then start OpenVPN on the client. Note: Even on the clients, manually starting OpenVPN from the command-line requires root privileges. So, for testing, you will either have to have the appropriate settings made so that you can use sudo, or youll have to have the root password for the respective client machines. The command to start the client is: cd /etc/openvpn openvpn client.conf On the client, open a second command-line terminal window, and ping the private address of the OpenVPN server. In our example, the command would be ping

10.1.1.1. If the ping is successful, youve achieved coolness. If it isnt, you may have to reconfigure the clients firewall to allow proper connectivity. As on the server, youll find that init script have been installed in the appropriate run-level directories. So, OpenVPN will start automatically, and will automatically connect to the OpenVPN server, whenever you reboot the computer.