February 17, 2014

OpenVPN client on Raspberry Pi

This article was writen in spite of lots of blog posts on this topic, but most of them don't take in account some best practices and have redundant and sometimes wrong information.

So if you wish to use your Raspberry Pi as OpenVPN client and make configure your Raspberry Pi the RightWay(tm) then you have come to the right place :)

First you need to have certificate files, if you are admin on the OpenVPN server also then you need to know how to create these files (not covered in this article) and if you are not then you should ask admin of OpenVPN server to send these files to you.

First file you need is Certificate Authority Certificate file usually named ca.crt, and two are client specific and unique for each client, for this example I'll use raspberry.key and raspberry.crt

First install openvpn package:
sudo apt-get install openvpn

Now create config file for OpenVPN:
vi / etc/openvpn/client.conf

and use these settings:

dev tun
port 1194
proto udp
ca / etc/openvpn/ca.crt
cert / etc/openvpn/raspberry.crt
key / etc/openvpn/raspberry.key
verb 3

Copy certificates and key to /etc/openvpn/ directory on your Raspberry Pi

Start OpenVPN service
sudo / etc/init.d/openvpn start

If OpenVPN service is not starting take a peek into your log file:
tail /var/log/daemon.log

External links: