We install the openvpn client on our Linux computer:
sudo yum install openvpn
or
sudo apt install openvpn
We copy the file id-XXXXXX.server.polish-vpn.pl.ovpn:
sudo cp id-XXXXXX.server.polish-vpn.pl.ovpn /etc/openvpn/client.conf
We check if the connection from the terminal is ok:
sudo openvpn --client --config /etc/openvpn/client.conf
After starting the OpenVPN service, Linux will automatically connect via the script:
sudo systemctl start openvpn @ client # <--- launch the OpenVPN client
We run the next commands after connecting to the OpenVPN server from the Linux terminal:
ping 10.255.0.1 # Ping the IP of the OpenVPN server or the IP gateway ip route # Check if routing is working properly dig TXT + short o-o.myaddr.l.google.com @ ns1.google.com #Must return the public IP of our OpenVPN server
1. Check the OpenVPN server logs:
journalctl --identifier ovpn-server
2. Is the firewall blocking connections or ports:
cat /etc/rc.local
#! / bin / sh -e iptables -t nat -A POSTROUTING -s 10.8.0.0/24! -d 10.8.0.0/24 -j SNAT --to 172.26.6.74 exit 0
3. Is the OpenVPN server running and the necessary ports are open:
netstat -tulpn | grep: 1194 ## 1194 - port openVPN server ## ss -tulpn | grep: 1194 ## 1194 - port openVPN server ## ps aux | grep openvpn ## is the openvpn server running? ## ps -C openvpn ## is the openvpn server running? ## pidof openvpn ## find process PID openvpn server ##
If the service is not active, just start it:
sudo systemctl restart openvpn @ server
Check for errors in:
sudo systemctl status openvpn @ server
4. Can the Linux client connect to the server with OpenVPN. We check if the required port (UDP 1194) accepts the traffic (we change the IP below to the server's IP):
nc -vu XXX.XXX.XXX.XXX 1194 Connection to XXX.XXX.XXX.XXX 1194 port [udp / openvpn] succeeded!
If it is impossible to connect - it may mean that either the firewall on the computer (Linux) is blocking such connection, or the router or the Internet provider is blocking the selected port / protocol. You can try to connect via an alternate port 8080