Source : http://blog.nicolargo.com/2010/10/installation-dun-serveur-openvpn-sous-debianubuntu.html
sudo aptitude install openvpn
sudo mkdir /etc/openvpn/easy-rsa/
sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
sudo chown -R $USER /etc/openvpn/easy-rsa/
vim /etc/openvpn/easy-rsa/vars
export KEY_COUNTRY="FR"
export KEY_PROVINCE="75"
export KEY_CITY="Paris"
export KEY_ORG="neolao.com"
export KEY_EMAIL="contact@neolao.com"
cd /etc/openvpn/easy-rsa/
source vars
./clean-all
./build-dh
./pkitool --initca
./pkitool --server server
openvpn --genkey --secret keys/ta.key
sudo cp keys/ca.crt keys/ta.key keys/server.crt keys/server.key keys/dh1024.pem /etc/openvpn/
sudo mkdir /etc/openvpn/jail
sudo mkdir /etc/openvpn/clientconf
sudo vim /etc/openvpn/server.conf
# Serveur TCP/443 mode server proto tcp port 443 dev tun
# Cles et certificats ca ca.crt cert server.crt key server.key dh dh1024.pem tls-auth ta.key 0 cipher AES-256-CBC
# Reseau server 10.8.0.0 255.255.255.0 push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 4.4.4.4" push "dhcp-option DNS 8.8.8.8" keepalive 10 120
# Securite user nobody group nogroup chroot /etc/openvpn/jail persist-key persist-tun comp-lzo
# Log verb 3 mute 20 status openvpn-status.log ; log-append /var/log/openvpn.log
sudo openvpn server.conf
Si tout va bien, on peut retirer le dernier commentaire de /etc/openvpn/server.conf
sudo /etc/init.d/openvpn start
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
sudo vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
cd /etc/openvpn/easy-rsa
source vars
./build-key mon_pc
sudo mkdir /etc/openvpn/clientconf/mon_pc/
sudo cp /etc/openvpn/ca.crt /etc/openvpn/ta.key keys/mon_pc.crt keys/mon_pc.key /etc/openvpn/clientconf/mon_pc/
cd /etc/openvpn/clientconf/mon_pc/
vim client.conf
# Client client dev tun proto tcp-client remote dev.neolao.com 443 resolv-retry infinite cipher AES-256-CBC
# Cles ca ca.crt cert mon_pc.crt key mon_pc.key tls-auth ta.key 1
# Securite nobind persist-key persist-tun comp-lzo verb 3
cp client.conf client.ovpn