How To Setup Openvpn Server On Windows 10

• Français

• Network diagram

• Server configuration

• Client configuration

How To set upwards OpenVPN Server on Windows

• Concluding updated: Jan 27, 2022

Nosotros will run into here how to set up a OpenVPN server under Microsoft Windows Server.

OpenVPN is a very powerfull VPN which has several advantages : it is free, compatible with virtually operating systems, easy to implement and highly configurable.

Network diagram

Server configuration

• OpenVPN Server :
  • Os : Windows Server 2016
  • Role : OpenVPN Server
  • IP : 192.168.0.200

Prerequisites

In order to create the connection certificates, we will have to install OpenSSL software library. I personnaly use the slproweb.com packages.

Download OpenSSL

Download the latest OpenSSL Light version.

Install OpenSSL

• Accept the agreement :

• Select destination location :

• Select first menu folder :

• Select OpenSSL binaries directory :

• Click to install :

• Click Terminate to go out (and brand a donation if you can :)) :

Add OpenSSL in Environment Variables

We will add together OpenSSL inside the environment variables.

• Run SystemPropertiesAdvanced to open System Backdrop :

• Click Environs Variables… :

• Edit Path :

• Click New and add %ProgramFiles%\OpenSSL-Win64\bin :

• Open a new Windows command and check that you can run openssl control :

Installing OpenVPN

Go to OpenVPN official website here to download last installer.

• As we want to install OpenVPN as server we volition choose Customize :

• We enable OpenVPN Service in society to make it work at boot :

• And nosotros install EasyRsa in order to exist able to create server and clients certificates :

• Once done click Close :

Setting up Certificate Dominance (CA) and generating certificates and keys for server and clients

Here we will prepare up a pki to be able to create our server and clients certificates.

• Open up a Control Prompt as administrator :

• And type the following commands to enter inside EasyRSA crush :

C:\Windows\system32>cd C:\Program Files\OpenVPN\easy-rsa

C:\Programme Files\OpenVPN\easy-rsa>EasyRSA-Start.bat

• Remove existing configuration, just for good mensurate :

# ./easyrsa clean-all

• Initialize pki, and type yeah to confirm :

# ./easyrsa init-pki

• Build certificate authority :

# ./easyrsa build-ca nopass […] Common Name (eg: your user, host, or server proper name) [Like shooting fish in a barrel-RSA CA]:ovpn            

• Build server certificate and cardinal :

# ./easyrsa build-server-full server nopass

• Generate Diffie Hellman parameters :

# ./easyrsa gen-dh

• Generating client certificates :

# ./easyrsa build-client-full client01 nopass

Certificates

• Put this files (from C:\Program Files\OpenVPN\like shooting fish in a barrel-rsa\pki, C:\Programme Files\OpenVPN\easy-rsa\pki\issued and C:\Program Files\OpenVPN\piece of cake-rsa\pki\private) :
• ca.crt
• dh.pem
• server.crt
• server.cardinal
• To C:\Plan Files\OpenVPN\config-motorcar and C:\Program Files\OpenVPN\config folders.

Add a Windows Firewall Rule

We demand to open up 1194 udp port to permit OpenVPN clients connections. Use the Windows Firewall Management Console or this command inside a Administrator command line console to do that.

C:\Windows\system32>netsh advfirewall firewall add dominion proper name="OpenVPN" dir=in localport=1194 remoteport=0-65535 protocol=UDP activity=permit remoteip=whatsoever localip=whatsoever

C:\Plan Files\OpenVPN\config-auto\server.ovpn

As administrator, edit C:\Program Files\OpenVPN\config-machine\server.ovpn file :

port 1194 proto udp dev tun  ca ca.crt cert server.crt cardinal server.key dh dh.pem  server x.l.eight.0 255.255.255.0 ifconfig-pool-persist ipp.txt  keepalive ten 120  comp-lzo  persist-primal persist-tun  condition openvpn-status.log  verb three

Then, restart the OpenVPN service :

• From, services management console :

• Right click OpenVPNService then Restart :

• Or from an administrator Command Prompt :

C:\Windows\system32>net stop openvpnservice

C:\Windows\system32>net commencement openvpnservice

Client configuration

• OpenVPN Client :
  • Bone : Windows 10
  • Office : OpenVPN Client

Installing OpenVPN

We will download the same package, and here install with default parameters.

Copy certificates from the Server

• From the Server get the following files (from C:\Plan Files\OpenVPN\easy-rsa\pki, C:\Plan Files\OpenVPN\easy-rsa\pki\issued and C:\Programme Files\OpenVPN\like shooting fish in a barrel-rsa\pki\individual) :
• ca.crt
• client01.crt
• client01.primal
• And paste them to C:\Programme Files\OpenVPN\config.

• C:\Plan Files\OpenVPN\config\client.ovpn

Edit the customer.ovpn file with administrator rights :

client  dev tun  proto udp  remote              OPENVPN_IP              1194  resolv-retry infinite nobind persist-fundamental persist-tun  ca ca.crt cert client01.crt cardinal client01.key  comp-lzo  verb 3

Establishing the connection

• Run as administrator

• Starting time the connection

• A popular upwardly will confim that we are continued

Server Access

To join the server we volition use the 10.fifty.viii.1 IP Accost

⚠️ Troubleshooting : Afterward a Windows Update, I couldn't have admission to the server share anymore (OpenVPN was able to connect though). To make it work again, I had to repair (available when relaunching setup plan) the OpenVPN programme on the server side.

Source: https://shebangthedolphins.net/vpn_openvpn_windows_server.html

Posted by: reynoldspook1977.blogspot.com

Share this post