Friday, March 23, 2018

Configure OpenVPN + PIA CLI on Redhat/Centos 7

Configure OpenVPN + PIA CLI on CentOS 7
(Source : http://web.archive.org/web/20160517121855/http://blog.jordan-english.com:80/configure-openvpn-pia-cli-on-centos-7/ )


login as root or sudo

# yum install epel-release
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install openvpn unzip curl wget easy-rsa

Configure OpenVPN
cd /etc/openvpn
wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
unzip openvpn.zip
vi /etc/openvpn/cred.conf

#supply the following two lines and write/quit (this is supplied by PIA)
[username]
[password]

chown root:root /etc/openvpn/cred.conf
chmod 400 /etc/openvpn/cred.conf
ln -s /etc/openvpn/[PIA-Region-config].ovpn /etc/openvpn/server.conf

vi [PIA-Region-config].ovpn
#add the following lines
auth-user-pass cred.conf
auth-nocache

#create a backup of the DNS config
cp /etc/resolv.conf /etc/resolv.conf.orig

#edit DNS config
vi /etc/resolv.conf
#add the following lines
nameserver 209.222.18.222
nameserver 209.222.18.218

#reset the security context - SELinux labels
restorecon -Rv /etc/openvpn/


#enable OpenVPN to start on boot
systemctl enable openvpn@server.service
#start OpenVPN service
systemctl start openvpn@server.service
#check status of OpenVPN service
systemctl status openvpn@server.service
#check your new IP address - verify with another workstation
curl ipecho.net/plain ; echo

#reboot and check again
systemctl reboot
systemctl status openvpn@server.service
Here is my output from systemctl status openvpn@server.service

 openvpn@server.service - OpenVPN Robust And Highly Flexible Tunneling Application On server
   Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2018-03-23 15:56:25 PDT; 16s ago
 Main PID: 10784 (openvpn)
   Status: "Initialization Sequence Completed"
   CGroup: /system.slice/system-openvpn.slice/openvpn@server.service
           └─10784 /usr/sbin/openvpn --cd /etc/openvpn/ --config server.conf

Mar 23 15:56:25 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:25 2018 T...
Mar 23 15:56:25 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:25 2018 U...
Mar 23 15:56:25 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:25 2018 U...
Mar 23 15:56:25 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:25 2018 [...
Mar 23 15:56:26 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:26 2018 a...
Mar 23 15:56:26 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:26 2018 T...
Mar 23 15:56:26 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:26 2018 d...
Mar 23 15:56:26 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:26 2018 /...
Mar 23 15:56:26 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:26 2018 /...
Mar 23 15:56:26 zareason.raka.home openvpn[10784]: Fri Mar 23 15:56:26 2018 I...
Hint: Some lines were ellipsized, use -l to show in full.
[root@zareason openvpn]# 


systemctl status openvpn@server.service

You can also check the tunnel that OpenVPN opened

ifconfig tun0

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Followers

About Me

Torrance, CA, United States