In this article, I will show you how to set up OpenVPN Server on Windows, and connect your computer from internet using openvpn.
Go to openvpn official website and download openvpn last installer. Download Url : https://openvpn.net/community-downloads/
Openvpn is a very powerful VPN which has several advantages. It is free and compatible with most operating systems.
As we want to install openvpn-as server we will choose "customize". We enable OpenVPN Service in order to make it work at boot.
And we install EasyRsa in order to be able to create server and clients certificates.
Setting up Certificate Authority and generating certificates and keys for server and clients
Open a command prompt as administrator.
Setting up certificate Authority and generating certificates and keys for server and clients. Here we will set up a pki to be able to create our server and clients certificates. And type the following commands to enter inside EasyRSA shell.
cd C:\Program Files\OpenVPN\easy-rsa EasyRSA-Start.bat
Remove existing configuration.
Initialize pki and type "yes" to confirm.
Build certificate authority
./easyrsa build-ca nopass
Build server certificate and key
./easyrsa build-server-full server nopass
Generate Diffie Hellman parameters :
Generating client certificates :
./easyrsa build-client-full client01 nopass
Create two new folders on the desktop: Server and Client. Copy the server configuration file to Server folder.
ca and dh.pem : C:\Program Files\OpenVPN\easy-rsa\pki\
server : C:\Program Files\OpenVPN\easy-rsa\pki\issued\
server.key : C:\Program Files\OpenVPN\easy-rsa\pki\private\
Copy the client configuration file to client folder.
ca : C:\Program Files\OpenVPN\easy-rsa\pki\
client01 : C:\Program Files\OpenVPN\easy-rsa\pki\issued\
client01.key : C:\Program Files\OpenVPN\easy-rsa\pki\private\
In the "Server" folder, create a notepad file with the content as follows, then save it with name "server.ovpn".
port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh.pem server 10.50.8.0 255.255.255.0 ifconfig-pool-persist ipp.txt keepalive 10 120 comp-lzo persist-key persist-tun
Next copy the server configuration file to "config" folder and "configure-auto" folder.
Set a static IP address
Go to "Settings" > "Network & internet" > "Ethernet", then edit "IP assignment".
Add a Windows Firewall Rule
We need to open 1194 udp port to allow OpenVPN clients connections. Go to "Settings" > "Privacy & security" > "Windows Security" > "Firewall & network protection".
Click on "advanced settings".
Now click on "Inbound Rules". Next click on the "Actions" menu and then click on "New Rule…". select the "Port" option. Select "UDP". In the "Specific remote ports" space, enter "1194".
Now select "Allow the connection". Apply the rule to everyone. In the Name fields, enter anything you want.
Port forwarding on router
If your server is behind a router, you will need to forward the port chosen for OpenVPN to the server.
This is my public ip address, I will use this for the next step.
Restart the OpenVPN Service
Open "run" and type "services.msc". Find the "OpenVPNService" and restart it.
We will download the same package as the server and here install with default parameters. Create a notepad file with the content as follow. Enter the public ip address you got from the previous step. Then save it with name "client.ovpn".
client dev tun proto udp remote 220.127.116.11 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client01.crt key client01.key comp-lzo verb 3
With the client configuration files we get from the server, we will client configuration. Next, copy the client configuration files to config folder.
Click "connect" to establish the openvpn connection to the VPN server.
You can now connect your computer from internet.