Comments on How to install and configure OpenVPN Server on Debian 10

Hi,

You don't need NAT in the configuration ?

You just enabled NAT without Firewall configuration.

Is thats how openvpn works?

AFTER:

apt-get install openvpn -y

YOU SHOULD RUN:

apt-get install easy-rsa

hello, that's good. I have been sucess configure my server based your guide. for this time, how to access vpn server to windows client based this tutorial.?? i tried since yesterday, and did not get  a clue..

thank you

I was created as shell script that create a user client automaticaly

vim create_client.sh

#!/bin/bash

rm -f /etc/openvpn/easy-rsa/pki/private/client.key

./easyrsa gen-req client nopass

./easyrsa sign-req client client

input="/etc/openvpn/easy-rsa/pki/issued/client.crt"

while IFS= read -r line

do

  if [[ $line == *"Subject: CN="* ]]; then

    #echo "$line"

    linha=$line

  fi

done < "$input"

echo =====================================================

empty=""

nome_escolhido=${linha/Subject: CN=/$empty}

if [[ -z "$nome_escolhido" ]]; then

  nome_escolhido="novo_cliente"

fi

cp /etc/openvpn/easy-rsa/pki/issued/client.crt .

cp /etc/openvpn/easy-rsa/pki/private/client.key .

/usr/bin/tar -zvcf $nome_escolhido.tar.gz client.crt client.key ta.key ca.crt client.conf

rm client.crt client.key

Hi, first error on: sysctl -p

Command not found.

The sysctl command exist on every Debian 10 server. Maybe you are not logged in as root user or it's not a Debian 10 system or you mistyped the command.

No export lines in var

Hi, when I'm in the client trying: scp [email protected]:/etc/openvpn/client/ca.crt /etc/openvpn/

I am asked the root password of the server, I write it, and I am sure I am doing It right but It says: permission denied, please try again.

Any idea of why this is happening?

Thank you very much

Hello,

When im doing: scp [email protected]:/etc/openvpn/client/ca.crt /etc/openvpn/

I am asked to write the password of the root user of the server. I write it correctly but It says Permission denied, please try again.

Any idea of this problem?

Thank you

Bonjour, je suis sous debian 10.2.0 et la commande sysctl -p ne passe pas. bash: sysctl: commande introuvable.

C'est la même chse pour openvpn --genkey --secret ta.key

How do I configure it with a Windows client? Please..

Do you have the command to genarate an client.ovpn profile to import to the windows open vpn client.

changing the extension .conf for .ovpn will work.

Bro, you are the best! Thank you very much! I couldn't do that for several hours. Thanks!

Hi, for those receiving the error: bash: openvpn: command not found

Most likely you used "su" instead of "su -".

just run: su -

and it should work.

This article is missing the NAT configuration step.

You can clearly see in the Centos version of this article there is a section on `iptables` config which does not exist here: https://www.howtoforge.com/tutorial/how-to-install-openvpn-on-centos-7/

Since on Debian the new preferred firewall app is not `iptables` but rather `nftables`, the following configuration example should hopefully help someone in the same position as me that followed this from start to finish and it only worked after I configured NAT correctly.

Example with `nftables`: https://github.com/mqus/nft-rules/blob/master/files/VPN.md

scp [email protected] : /etc/openvpn/client/ca.crt / etc / openvpn / pour ce pbm il faut autoriser root pour ssh:https://cloriou.fr/2016/12/05/debian-autoriser-acces-root-via-ssh/

Who needs to make an .ovpn do like this:

- nano /etc/openvpn/client.ovpn

- put in the content made for client.conf

- at the end add <ca> and save

- cat client/ca.crt >> ./client.ovpn

- add </ca> and <cert> and save

- cat client/client.crt >> ./client.ovpn

- delete the new added lines which are before -----BEGIN CERTIFICATE-----

- add </cert> and <key> and save

- cat client/client.key >> ./client.ovpn

- add </key>

Now it should work with Android, Windows etc.

Can you please update the above to include how to revoke a certificate ? 

Hi,

The tutorial is great!!

I successfully installed it on server and on client too. When I am starting openvpn client on my laptop, it connects, but my laptop internet goes away.

Could you help me in this?