Устанавливал по этой инструкции https://serveradmin.ru/nastroyka-openvpn-na-centos-7/ (только у меня Cent OS 6.9 Final). Сделал сертификаты, лежат в /etc/openvpn/
ca.crt
client.crt
client.key
dh.pem
server.conf
server.crt
server.key
server.conf
mode server
dev tun
server 10.128.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
tls-server
ca ca.crt
cert server.crt
key server.key
dh dh.pem
proto tcp-server
port 11941
client-to-client
comp-lzo
keepalive 10 120
verb 4
cipher AES-256-CBC
user nobody
group nogroup
max-clients 10
client
proto tcp
dev tun
remote ***.***.***.*** 11941
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-256-CBC
comp-lzo
verb 3
ca.crt
client.conf
client.crt
client.key
[root@vps openvpn]# service openvpn start
Starting openvpn: [ OK ]
[root@vps openvpn]#
sudo openvpn --config client.conf
Tue May 16 14:03:23 2017 OpenVPN 2.4.2 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 11 2017
Tue May 16 14:03:23 2017 library versions: OpenSSL 1.1.0e 16 Feb 2017, LZO 2.10
Tue May 16 14:03:23 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Enter Private Key Password: **********
Tue May 16 14:03:27 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue May 16 14:03:27 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]***.***.***.***:11941
Tue May 16 14:03:27 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]
Tue May 16 14:03:27 2017 Attempting to establish TCP connection with [AF_INET]***.***.***.***:11941 [nonblock]
Tue May 16 14:03:28 2017 TCP: connect to [AF_INET]***.***.***.***:11941 failed: Connection refused
Tue May 16 14:03:28 2017 SIGUSR1[connection failed(soft),init_instance] received, process restarting
Tue May 16 14:03:28 2017 Restart pause, 5 second(s)
Tue May 16 14:03:33 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue May 16 14:03:33 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]***.***.***.***:11941
Tue May 16 14:03:33 2017 Socket Buffers: R=[87380->87380] S=[16384->16384]
Tue May 16 14:03:33 2017 Attempting to establish TCP connection with [AF_INET]***.***.***.***:11941 [nonblock]
Tue May 16 14:03:34 2017 TCP: connect to [AF_INET]***.***.***.***:11941 failed: Connection refused
Tue May 16 14:03:34 2017 SIGUSR1[connection failed(soft),init_instance] received, process restarting
Tue May 16 14:03:34 2017 Restart pause, 5 second(s)
^CTue May 16 14:03:35 2017 SIGINT[hard,init_instance] received, process exiting
