OpenVPN

Installation
Install openvpn package by running

Server side
If this is the first time setting up an openvpn server, we will need to create a PKI (Public Key Infrastructure) from scratch.

Write a server-side openvpn configuration.

to start openvpn server, run

Client side
Copy the necessary key files to client, via a secure way (such as SSH), including


 * ca.crt
 * client1.csr (in this example)
 * client1.crt (in this example)
 * client1.key (in this example)
 * ta.key (if using tls-auth)

Write a client-side openvpn configuration.

To start client, run

If all goes well, this would give you a working OpenVPN server and client connection.

Gentoo Specifics
The init script allows multiple tunnels. Decide on a name for the tunnel - eg EXAMPLE

Now create your config as /etc/openvpn/EXAMPLE.conf

You can then create more tunnels by replacing EXAMPLE with more names. Each one has its own configuration and can be stopped and started individually. The default is simply to use openvpn.conf and not symlink the service. You can of course use both methods.

External Resources

 * https://wiki.archlinux.org/index.php/OpenVPN
 * easy vpn