How to Install OpenVPN on a CentOS 5 Based VPS

Must read:

Ferdian Alfianto

Ferdian Alfianto

Ferdian Alfianto is an Internet enthusiast, Mac Lover; likes using Wordpress, experimenting with Linux (especially Debian and Ubuntu), tinkering with pfSense routers, happy experimenting with LEMP (Linux, Nginx, MariaDB, PHP) and Redis. You can contact me here.

NOTE: CentOS 5 is no longer supported by the developer, I have made a new tutorial to install OpenVPN server using Pritunl and Ubuntu, please see here.

To be able to play Point Blank Garena, we must use a tunnel such as SSH, Proxy, WTFast, VPN, and so on. Actually using WTFast can already allow us to play PB Garena. However, because the subscription price is calculated per user at $5.99, this solution is not effective for internet cafes / game centers. Imagine if the cafe has 50 companies, the funds spent can reach $287.50 per month!

For that, I used an alternative to create an OpenVPN server on a VPS based on Linux CentOS 5. It only costs around $10 per month, it can be used by all internet cafe customers. Brilliant solution right? : D

NOTE
Before starting this tutorial on how to install OpenVPN, there are a few things you need to know:

  • I am using a VPS based on OpenVZ technology, but it does not allow this installation to run successfully on KVM, Xen or Deditaced Server.
  • No need for a high specification VPS, what matters is to have a connection with good latency between the cafe to the VPS and to the Garena server. For that, look for a VPS located in Singapore.
  • No need for large bandwidth. The game connection doesn't take up too much bandwidth, with 100 GB per month I think it is enough for all customers to play Garena PB.
  • Look for a VPS that DOES NOT offer unlimited bandwidth. My logic is that if the bandwidth is unlimited, then most of the VPS service users are downloaders, it could be that if the bandwidth pipe reaches the peak, there will be a bottleneck and we won't get good latency for playing games.
  • This installation uses CentOS version 5 32 bit, it can also be installed on a 64 bit machine. For other Linux distributions, I do not guarantee a successful installation. Use on your own risk!

If you understand this, then we will go to the installation steps.

INSTALLATION STEPS

The first step is to check whether tun / tap has been activated or not. This is important, because if you haven't activated tun / tap, OpenVPN won't be able to be installed. Run the command

cat / dev / net / tun

If tun / tap has been activated, it will appear:

cat: / dev / net / tun: File descriptor in bad state

If tun / tap is not active, you can activate it via SolusVM.

Next we will install the required packages, run the command:

yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel -y

Then download LZO RPM. Run the command:

wget https://openvpn.net/release/lzo-1.08-4.rf.src.rpm

Then we will configure the RPMForge repo. For Centos 5 32bit, run:

wget https://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm

being for Centos 5 64 bit, run:

wget https://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm

Next we will build the rpm package, run the command:

rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
rpm -Uvh lzo - *. rpm
rpm -Uvh rpmforge-release *

And we install OpenVPN now, run the command:

yum install openvpn -y

Copy folder easy-rsa / etc / openvpn / with the command:

cp -R /usr/share/doc/openvpn-2.2.2/easy-rsa/ / etc / openvpn /

Then we will create a certificate, run the command:

cd /etc/openvpn/easy-rsa/2.0
chmod 755 *
source ./vars
./vars
./clean-all

And we create a CA:

./build-ca

the following screen will appear:

Country Name: fill in the name of the country or just press enter
State or Province Name: fill in the name of the province or just press enter
City: fill in the city name or just press enter
Org Name: fill in the name of the cafe or company or just press enter
Org Unit Name: fill in the department name or just press enter
Common Name: fill in the hostname of your VPS, for example vpn.tuts.web.id
Email Address: fill in your email address or just press enter

Next is to create a server key, run the command:

./build-key-server server

The display will appear like we created the CA above, but there are additional questions:

Common Name: fill in the server name
A challenge password: just empty it, immediately press enter
Optional company name: just press enter
sign the certificate: type y and enter
1 out of 1 certificate requests: type y and enter

Next, we create Diffie Hellman (wait until this process is finished), run the command:

./build-dh

Then we create a configuration file with the command:

nano /etc/openvpn/server.conf

Copy and paste this configuration:

port 1194 #- port proto udp #- protocol dev tun tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 reneg-sec 0 ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt cert / etc / openvpn /easy-rsa/2.0/keys/server.crt key /etc/openvpn/easy-rsa/2.0/keys/server.key dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem plugin / usr / share / openvpn / plugin / lib / openvpn-auth-pam.so /etc/pam.d/login client-cert-not-required username-as-common-name server 10.8.0.0 255.255.255.0 push "redirect-gateway def1 "push" dhcp-option DNS 8.8.8.8 "push" dhcp-option DNS 8.8.4.4 "keepalive 5 30 comp-lzo persist-key persist-tun status 1194.log verb 3

Save the configuration above by pressing Ctrl + O then enter. Then press Ctrl + X.

We run OpenVPN with the command:

openvpn service restart

Next we have to enable IP Forwarding, by changing the Sysctl configuration. Run:

nano /etc/sysctl.conf

and change:

net.ipv4.ip_forward = 0

Becomes

net.ipv4.ip_forward = 1

To make changes to the Sysctl configuration, run the command:

sysctl -p

Next we will do iptables routing with the command:

iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source 123.123.123.123

and

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 123.123.123.123

Don't forget, to change "123.123.123.123" with your server / VPS IP.

NOTE: Especially for Xen or KVM based VPS, don't use the Iptables routing above, but use:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Then save the Iptables configuration above with the command:

iptables service save

To make username OpenVPN access, enter the command:

useradd username -s / bin / false

being for passwordhis:

passwd username

* Change username with the desired username.

If you want to delete a user, use the command:

userdel username

To make sure OpenVPN is running when the server starts up, run the command:

chkconfig openvpn on

INSTALL THE OPENVPN CLIENT ON THE COMPUTER

We have finished creating the OpenVPN server, then we will install the OpenVPN client on our computer, so we can redirect the connection to the OpenVPN server.

Many OpenVPN clients can be used, but I prefer to use one Securepoint SSL VPN which you can download here.
After you download it, please install Securepoint SSL VPN on your computer.

Before we configure Securepoint SSL VPN, we have to create an ovpn past. Open Notepad, copy and paste the following configuration:

client dev tun proto udp remote 123.123.123.123 1194 # - Enter the IP and port of the OpenVPN server resolv-retry infinite nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-key persist-tun ca.crt auth-user-pass comp-lzo reneg-sec 0 verb 3

Make sure to replace 123.123.123.123 with your OpenVPN server IP. Save the configuration above with a file name vpn.ovpn, and save it in any folder.

Then download the file ca.crt on your OpenVPN server. File location ca.crt is in the directory /etc/openvpn/easy-rsa/2.0/keys/ (You can download using Filezilla, or any other SFTP program). Put files ca.crt this is in the same location as the vpn.ovpn.

Run Securepoint SSL VPN, then click the button "Import". In column "Import existing configuration“, Browse the file vpn.ovpn which we made earlier. And click the button "Import". Then a pop-up box will appear asking for username & password. Securepoint SSL VPN will try to connect to our OpenVPN server. If successful, the connection status will appear "Connection Established". See the picture below.

vpn

Open a browser, and visit whatismyip.com, if it shows the IP address of your OpenVPN server, it means that the connection has been successfully redirected. And now you can run PB Garena Singapore.

For those of you who want to set up OpenVPN on iOS devices (iPhone and iPad), follow the tutorial here.

Share on facebook
Facebook
Share on twitter
Twitter
Share on whatsapp
WhatsApp
Share on telegram
Telegram
Share on email
E-mail

Latest articles:

MongoDB logo
Linux

Easy to Install MongoDB on Ubuntu 20.04

This tutorial explains how to install and configure MongoDB Community Edition on Ubuntu 20.04. MongoDB is a free, open-source document database. Belongs to the so-called database family

Related article:

MongoDB logo

Easy to Install MongoDB on Ubuntu 20.04

This tutorial explains how to install and configure MongoDB Community Edition on Ubuntu 20.04. MongoDB is a free, open-source document database. Belongs to the so-called database family

www

World's First Website

On 6 August 1991, without fanfare, British computer scientist Tim Berners-Lee published his first website while working at CERN, the large particle physics laboratory.

rocket nginx

Rocket-Nginx + WP-Rocket: What are the Benefits?

What is Rocket-Nginx? Rocket-Nginx is a configuration add-on to Nginx for the WordPress cache plugin, WP-Rocket. The developer claims that by injecting the Rocket-Nginx configuration, the