Connect Two Servers Using OpenVPN With Shared Secret

Last Updated: Tue, Jun 7, 2016
Debian Linux Guides System Admin Ubuntu

Introduction

OpenVPN is a secure, SSL-based VPN that works on almost every UNIX-like system as well as on Windows. It can be used to connect two machines and exchange traffic between them securely. This guide explains how to set up a connection between two servers using OpenVPN and a shared key.

Prerequisites

  • Ubuntu or Debian

  • 10 Minutes

Install packages

You can run this command on both servers:

sudo apt-get install openvpn

Configuration

OpenVPN is configured through config files that hold all the details about the remote server. OpenVPN also offers a server -> client mode, but a P2P connection using a shared key is easier to set up and fits our needs.

After the installation has completed, create a new file ending in .conf under /etc/openvpn/ with the following content:

# Transport: UDP, point-to-point between the two servers
proto       udp
mode        p2p
remote      <REMOTE_HOST>
rport       <REMOTE_PORT>
local       <LOCAL_HOST>
lport       <LOCAL_PORT>
# Tunnel device and connection behaviour
dev-type    tun
tun-ipv6
resolv-retry infinite
dev         <INTERFACE_NAME>
comp-lzo
persist-key
persist-tun
# Encryption, tunnel addresses and the shared key
cipher aes-256-cbc
ifconfig <LOCAL_TUNNEL_IP>  <REMOTE_TUNNEL_IP>
secret /etc/openvpn/<NAME_OF_CONFIG_FILE>.key

With the config file in place, we can create the shared key, which then has to be transferred to the other server.

openvpn --genkey --secret /etc/openvpn/<NAME_OF_CONFIG_FILE>.key

Connect the servers

We can now connect our servers. Create the same config file on the other server and copy the key from the initial server onto it. Keep in mind that the two config files aren't identical: the <REMOTE> and <LOCAL> fields, as well as the <TUNNEL_IP> fields, are different on each side.

Start the tunnel

Once we have copied the key from the initial server to the second server and we have finished editing the config files, we can start the tunnel by typing the following command into our shell:

service openvpn start <NAME_OF_CONFIG_FILE>

Test the tunnel

By typing ping <REMOTE_TUNNEL_IP> into our shell, we can verify whether or not the other side is up and running. If there's no reply from the other server, check the following:

  • Firewalls on both sides.

  • The key is identical on each server.

  • The <REMOTE> and <LOCAL> fields are set properly.
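
The last two items of this checklist can be checked mechanically. The shell functions below are an added example, not part of the original article: check_pair compares the two servers' config files for mirrored <REMOTE>/<LOCAL>, port and tunnel IP fields, and key_fingerprint prints a SHA-256 of the key file so the two servers can be compared without displaying the key. The function names are hypothetical, and the comparison assumes both configs write addresses in the same form, as in the template above.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical;
# config and key paths are passed as arguments.

# Print the arguments of the first uncommented occurrence of directive $1 in file $2.
directive() {
    awk -v d="$1" '$1 == d { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$2"
}

# Succeed when values $2 and $3 match; otherwise report mismatch $1 on stderr.
expect_same() {
    [ "$2" = "$3" ] && return 0
    echo "MISMATCH $1: '$2' vs '$3'" >&2
    return 1
}

# Compare the config of server A ($1) with the config of server B ($2).
# Returns 0 only if every endpoint field is mirrored and shared settings agree.
check_pair() {
    a=$1 b=$2 rc=0
    expect_same "A.remote/B.local" "$(directive remote "$a")" "$(directive local "$b")"  || rc=1
    expect_same "A.local/B.remote" "$(directive local "$a")"  "$(directive remote "$b")" || rc=1
    expect_same "A.rport/B.lport"  "$(directive rport "$a")"  "$(directive lport "$b")"  || rc=1
    expect_same "A.lport/B.rport"  "$(directive lport "$a")"  "$(directive rport "$b")"  || rc=1
    # ifconfig is "<local tunnel IP> <remote tunnel IP>", so B must list A's pair reversed.
    swapped=$(directive ifconfig "$b" | awk '{ print $2 " " $1 }')
    expect_same "ifconfig" "$(directive ifconfig "$a")" "$swapped" || rc=1
    for d in proto cipher dev-type; do
        expect_same "$d" "$(directive "$d" "$a")" "$(directive "$d" "$b")" || rc=1
    done
    return $rc
}

# Print the SHA-256 of key file $1 so both servers can be compared without
# displaying the key; fail if group or others have any permission on the file.
key_fingerprint() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ] || {
        echo "key $1 is accessible to group/others; run chmod 600" >&2
        return 1
    }
    sha256sum "$1" | cut -d' ' -f1
}

# Usage: sh check.sh <A.conf> <B.conf>   (config files contain no secret material)
if [ "$#" -eq 2 ]; then check_pair "$1" "$2"; fi
```

Run key_fingerprint on each server separately and compare the two printed values; the key file itself never needs to be displayed or copied again for the check.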
