Creating Your Own VPN using OpenVPN on a VPS

Virtual Private Networks (VPNs) provide an encrypted connection from a device to a network, and through that network to the internet. OpenVPN is a popular open-source VPN solution that works across various platforms.

In this guide, we'll walk you through setting up your own VPN server on a CentOS VPS and configuring clients on Windows, macOS, and Linux.

1. Setting Up OpenVPN on CentOS

1.1. Update your VPS

Start by updating your system:

sudo yum update

1.2. Install EPEL Repository

Since OpenVPN is available in the Extra Packages for Enterprise Linux (EPEL) repository, install it:

sudo yum install epel-release -y

1.3. Install OpenVPN and Easy-RSA

Easy-RSA is a command-line tool for building the certificate authority and managing the TLS certificates and keys that OpenVPN uses.

sudo yum install openvpn easy-rsa -y

1.4. Configure OpenVPN

Copy the sample configuration as a starting point:

sudo cp /usr/share/doc/openvpn*/sample/sample-config-files/server.conf /etc/openvpn/

Edit the configuration:

sudo nano /etc/openvpn/server.conf

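Make sure to uncomment or change these lines for basic setup. In the sample file a disabled directive starts with a semicolon; remove it to enable the line. The push lines send all client traffic through the VPN and give clients the listed DNS resolvers, and user and group make the daemon drop root privileges after startup: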

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
user nobody
group nobody

1.5. Set up Easy-RSA

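Navigate to the Easy-RSA directory and initialize the Public Key Infrastructure (PKI). The directory is owned by root, so the easyrsa commands are run with sudo:

cd /usr/share/easy-rsa/3/
sudo ./easyrsa init-pki

Build the Certificate Authority (CA):

sudo ./easyrsa build-ca

Generate the server certificate and private key:

sudo ./easyrsa gen-req server nopass
sudo ./easyrsa sign-req server server

Generate Diffie-Hellman parameters:

sudo ./easyrsa gen-dh

Copy the CA certificate, the server key and certificate, and the Diffie-Hellman parameters to /etc/openvpn/. The ca, cert, key and dh lines in server.conf must name these files; the sample configuration refers to the DH file as dh2048.pem, so change that line to dh dh.pem:

sudo cp pki/ca.crt /etc/openvpn/
sudo cp pki/private/server.key /etc/openvpn/
sudo cp pki/issued/server.crt /etc/openvpn/
sudo cp pki/dh.pem /etc/openvpn/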
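
A pre-start check for steps 1.4 and 1.5, as an added example that is not part of the original guide: it confirms the five directives are active (not commented out with `#` or `;`) and that every file named by ca, cert, key and dh exists. The function names, the constructed sample file and resolving relative file names against the configuration's directory are assumptions.

```shell
#!/bin/sh
# Audit an OpenVPN server.conf (added example; names and layout are assumptions).

# Print active directives only. A '#' or ';' at line start, or after whitespace,
# begins a comment (simplification: quoting is not parsed).
active_directives() {
    sed -e 's/^[[:space:]]*[#;].*$//' -e 's/[[:space:]][#;].*$//' \
        -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$1" |
        tr '\t' ' ' | tr -s ' '
}

# check_server_conf CONF [DIR]: print each problem, return the problem count.
# Assumption: relative file names resolve against DIR (default: CONF's directory).
check_server_conf() {
    conf=$1 dir=${2:-$(dirname "$1")} problems=0
    active=$(active_directives "$conf")
    # Directives from step 1.4 that must be uncommented.
    while IFS= read -r want; do
        printf '%s\n' "$active" | grep -Fxq -e "$want" && continue
        echo "inactive or missing: $want"; problems=$((problems + 1))
    done <<'EOF'
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
user nobody
group nobody
EOF
    # Each file named by ca/cert/key/dh must exist where the server looks for it.
    for d in ca cert key dh; do
        f=$(printf '%s\n' "$active" | awk -v d="$d" '$1 == d { print $2; exit }')
        [ -n "$f" ] || { echo "no '$d' directive"; problems=$((problems + 1)); continue; }
        case $f in /*) p=$f ;; *) p=$dir/$f ;; esac
        [ -f "$p" ] || { echo "$d: $p not found"; problems=$((problems + 1)); }
    done
    return "$problems"
}

# Constructed sample: the gateway push is still commented out and 'dh' names a
# file that was never copied (only dh.pem exists).
make_sample() {
    printf '%s\n' 'port 1194' 'ca ca.crt' 'cert server.crt' 'key server.key  # secret' \
        'dh dh2048.pem' ';push "redirect-gateway def1 bypass-dhcp"' \
        'push "dhcp-option DNS 8.8.8.8"' 'push "dhcp-option DNS 8.8.4.4"' \
        'user nobody' 'group nobody' > "$1/server.conf"
    touch "$1/ca.crt" "$1/server.crt" "$1/server.key" "$1/dh.pem"
}

tmp=$(mktemp -d) && make_sample "$tmp"
check_server_conf "$tmp/server.conf" || echo "problems found: $?"
rm -rf "$tmp"
```

On the server, call check_server_conf /etc/openvpn/server.conf from a root shell before starting the service.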

1.6. Start OpenVPN

Enable and start the OpenVPN service:

sudo systemctl enable openvpn@server
sudo systemctl start openvpn@server

1.7. Adjust Firewall

If you have a firewall enabled, adjust the rules:

sudo firewall-cmd --add-service=openvpn
sudo firewall-cmd --add-masquerade
sudo firewall-cmd --permanent --add-service=openvpn
sudo firewall-cmd --permanent --add-masquerade
sudo systemctl restart firewalld

2. Setting up Clients

2.1. Windows:

  1. Download and install the OpenVPN client.
  2. Transfer your client .crt, .key, and ca.crt files to C:\Program Files\OpenVPN\config\.
  3. Run OpenVPN GUI as an administrator and connect using the system tray icon.

2.2. macOS:

  1. Install Tunnelblick or another OpenVPN-compatible VPN client.
  2. Transfer your client .ovpn, .crt, .key, and ca.crt files to your Mac.
  3. Import the .ovpn profile into Tunnelblick and connect.

2.3. Linux (CentOS):

  1. Install OpenVPN:
     sudo yum install openvpn -y
  2. Move your client .ovpn, .crt, .key, and ca.crt files to /etc/openvpn/.
  3. Connect with:
     sudo openvpn --config /etc/openvpn/client.ovpn

Conclusion

Setting up your own VPN with OpenVPN offers a greater degree of privacy and control over your internet connection. Ensure you keep all software and configurations up to date, and always follow best security practices to keep your VPN secure.

