OpenVPN is an SSL-based, secured VPN which works on almost every UNIX-like system as well as on Windows. OpenVPN can be used to connect two machines and exchange traffic between them securely. This guide explains how to set up a connection between two servers using OpenVPN and shared keys.
Ubuntu or Debian
You can run this command on both servers:
sudo apt-get install openvpn
OpenVPN is driven by config files that hold all the details of the remote server. OpenVPN also has a Server -> Client mode, but a P2P connection using shared keys is easier to set up and fits our needs.
After the installation process has completed, we can create a new file ending with
proto udp
mode p2p
remote <REMOTE_HOST>
rport <REMOTE_PORT>
local <LOCAL_HOST>
lport <LOCAL_PORT>
dev-type tun
tun-ipv6
resolv-retry infinite
dev <INTERFACE_NAME>
comp-lzo
persist-key
persist-tun
cipher aes-256-cbc
ifconfig <LOCAL_TUNNEL_IP> <REMOTE_TUNNEL_IP>
secret /etc/openvpn/<NAME_OF_CONFIG_FILE>.key
Once we've created our config file, we're all set to create our shared key which we'll have to transfer to the other server.
openvpn --genkey --secret /etc/openvpn/<NAME_OF_CONFIG_FILE>.key
We can now start right away with connecting our servers. We have to create the same config file on the other server and copy the key from the initial server onto it, over a secure channel such as scp. But keep in mind that the config files aren't identical, because the <LOCAL> as well as the <TUNNEL_IP> fields are different.
Once we have copied the key from the initial server to the second server and we have finished editing the config files, we can start the tunnel by typing the following command into our shell:
service openvpn start <NAME_OF_CONFIG_FILE>
By typing ping <REMOTE_TUNNEL_IP> into our shell, we can verify whether or not the other side is up and running. If there's no reply from the other server, check the following:
Firewalls on both sides.
The key is identical on each server.
<LOCAL> fields are set properly.
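
The last two items on this checklist can be verified before the tunnel is started. The shell functions below are an added example, not part of the original guide: the function names are hypothetical, sha256sum from coreutils is assumed, and the config files are expected to have one directive per line.

```shell
#!/bin/sh
# Added example: pre-flight checks for a static-key p2p pair (not from the guide).
# All function names here are hypothetical helpers.

# get_opt FILE DIRECTIVE: print the arguments of the first matching directive.
get_opt() {
    awk -v d="$2" '$1 == d { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# check_pair CONF_A CONF_B: return 0 only if B is the mirror image of A.
check_pair() {
    a=$1; b=$2; rc=0
    # Each side's remote/rport must be the peer's local/lport, and vice versa.
    for pair in remote:local rport:lport local:remote lport:rport; do
        x=${pair%%:*}; y=${pair##*:}
        if [ "$(get_opt "$a" "$x")" != "$(get_opt "$b" "$y")" ]; then
            echo "mismatch: '$x' in $a vs '$y' in $b" >&2; rc=1
        fi
    done
    # These directives must carry the same value on both ends.
    for opt in proto cipher dev-type; do
        if [ "$(get_opt "$a" "$opt")" != "$(get_opt "$b" "$opt")" ]; then
            echo "mismatch: '$opt' differs between $a and $b" >&2; rc=1
        fi
    done
    # ifconfig <LOCAL_TUNNEL_IP> <REMOTE_TUNNEL_IP> is swapped on the peer.
    set -- $(get_opt "$a" ifconfig); a_local=$1; a_remote=$2
    set -- $(get_opt "$b" ifconfig); b_local=$1; b_remote=$2
    if [ "$a_local" != "$b_remote" ] || [ "$a_remote" != "$b_local" ]; then
        echo "mismatch: ifconfig addresses are not swapped" >&2; rc=1
    fi
    return $rc
}

# key_digest FILE: SHA-256 of the shared key; compare digests, not key files.
key_digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# key_private FILE: return 0 if group and others have no access to the key.
key_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}
```

Run key_digest on each server and compare the two digests by eye; check_pair needs a copy of the peer's config file, which contains no secret material.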