Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security How To

Configuring the Client Side OpenVPN Machine

Setting up the client OpenVPN machine is Just like the server: create the directories for the certificates and keys; copy them over; and secure them appropriately. The client side OpenVPN configuration is a bit more sparse than the server's, since the server will be responsible for "pushing" the proper configuration settings to the client after connection.

#
# SmallNetBuilder OpenVPN Client Configuration
#

# Instructs OpenVPN to run in client mode, requests IP address and
# special instructions (like routes) from the server. 
client

# Interface for tunnel
dev tun0

# Remote server to connect to. Can be domain name or IP address.
remote smallnetbuilder.com

# Certificates and keys required for connection
ca /etc/openvpn/certs/ca.crt
cert /etc/openvpn/certs/remote_office.crt
key /etc/openvpn/keys/remote_office.key

# Symmetric cipher - Must be the same as the server's
cipher BF-CBC

# Protocol and Port - Must be the same on both server and client.
proto udp
port 1194

# Log to file instead of syslog
log-append /var/log/openvpn.log
verb 4

# Since the OpenVPN client is acting as a gateway for other machines
# on the client-side network, run as a daemon and downgrade user
# priviledges.
user nobody
group nobody
daemon

# Use a persistent key and tunnel interface.
persist-tun
persist-key

Configuring the Client Side Router

Just like the server-side setup, all the machines on the OpenVPN client's network also need to know how to reach the server's network (10.1.1.0/24). Add a route that directs all traffic destined for the server's network to the OpenVPN client machine (192.168.1.2). On the WRT54G it's under Setup > Advanced Routing (Figure 4).

Adding a Route to the Client-side Router
Click to enlarge image

Figure 4: Adding a Route to the Client-side Router

Finally, connect the client up to the OpenVPN server with:

 ~ # openvpn --config /etc/openvpn/client.conf

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi all,I'm having issues with my new RT-AC86U which I upgraded to from my old N66U a few weeks ago & would appreciate any help or suggestions. I live ...
Hi all, I have a client that runs an Asus rt-ax88u router, they have 14 workstations and a server. The internet will drop out but the cable modem from...
I am using RT86U with AsusWRT firmware. Is there a way to monitor device usage please? I need to keep an eye on usage by a "guest" for a short time!If...
Hi all,I need your suggestion for a router upgrade.Actually I'm using an RT-AC66U (Mipsel/Single Core) with Entware-NG.All worked fine, even if I'm st...
My headless server is placed on the attic with only power and ethernet, it has a old static IP assigned from within windows, so it now faults to a 16...

Don't Miss These

  • 1
  • 2
  • 3