Build own OpenVPN server by using raspberry Pi (Part2/2)

See network diagram above describing our scenario

See network diagram above describing our scenario

1. Traffic is encrypted on the way to OpenVPN server
2. Traffic is initiated from OpenVPN server on behalf of client (mobile, laptop)

Introduction

Welcome to the second part of our article where we will finish our setup on client side. In our scenario I will use smartphone as end-device. At the end we will be able to establish VPN tunnel between smartphone and raspberry Pi, so it does not matter where you are connected, you will be fully redirected to the VPN and using Internet connectivity as you should be sitting at home. Exactly the same procedure with any small differences can be used also for your laptop, table or any other device which is able to install OpenVPN application. 

In case you have some troubles or need to review your server config again, feel free to check our first post:

Build own OpenVPN server by using Raspberry Pi (Part1/2) – server configuration (Raspberry Pi)

Preparing configuration file

 Open (create) new config file so we will edit it according to our requirements:

Now put following content to the file:

Now let me put some words here. First of all, above published keys/certificates are randomly generated and not used in production (security reasons). I have just pasted it here to be sure that you know exactly how content of your config file should look like and what format should be used. You will have to make some adjustments to the config above:

  1. Replace segment <YOUR PUBLIC IP OR DYNDNS HOSTNAME> with your static public IP or dynamic dns record. It has to point to the public IP (dns record) behind which your openVPN server is sitting on. Beware that usually is also needed to make port-forwarding on your router: <any_public_ip>:1194 —-> <local_IP_of_your_raspberry>:1194 Please follow official guideline of your router how to proceed here.

  2.  We used inline references to the keys and certificates as opposed to packaging them up together. Copy and paste each in the appropriate area. Be sure to paste it completely without any  additional spaces or characters.

Once your config file is ready, rename it to the extension .ovpn which is used by OpenVPN application:

Email the Config File to Yourself, or Use Dropbox/Google Drive, etc. Please use secure way to transfer file as it is containing also your private key.

OpenVPN application and import

Just follow screenshots below to install application and import configuration file on client side (in our case android smartphone).

Install OpenVPN application on smartphone

Install OpenVPN application

Import configuration file

Import configuration file

Import Client1.ovpn file from SDcard

Import Client1.ovpn file from SDcard

Insert pass-phrase you've entered during creation

Insert pass-phrase you’ve entered during creation

OVPN profile has been successfully imported

OVPN profile has been successfully imported

VPN connection successfully established

VPN connection successfully established

Final testing

In order to test VPN implementation, you can try to find out what is your current public IP before VPN activation and what is after. If everything is working correctly you will be able to see different IPs. Once you are connected to the VPN tunnel you will see exactly the same public IP as you have at home. For simple testing, you can use website: https://www.whatismyip.com/

During any troubles, you can check logs on server side:

If you need to check logs on client side, use “Show log file” option directly in OpenVPN application.

Conclusion

Congratulations! Now you have successfully finished openVPN configuration on server and client side. In case of any questions, do not hesitate to leave comment below.

source: openvpn.com