> build-ca Generate a Certificate and a Private Key for the Server > build-key-server server Generate a Certificate and a Private Key for the Client Next thing to do is to initialise the PKI: > vars Now edit the vars file (it’s called vars.bat on Windows): > notepad vars.batĪnd set the parameters below appropriately: KEY_COUNTRY=GBĭon’t leave any of these parameters blank. Run the following batch file to copy configuration files into place: > init-config Open up a Command Prompt windows as Administrator and change directory to C:\Program Files\OpenVPN\easy-rsa: C:\Users\Administrator> cd \Program Files\OpenVPN\easy-rsa Generate the Master Certificate Authority (CA) Certificate and Key Rename the TAP adapter to “tap-vpn” for the sake of clarification. Optional: Rename TAP-Windows Adapter V9įind which network interface that is not connected to the Internet and has the device name listed as “TAP-Windows Adapter V9”. We are going to need to open a UDP port 11194 in the AWS security group associated with the server.
Openvpn clients windows install#
When you install OpenVPN, make sure the following box is ticked: Instructions have been tested with OpenVPN 2.4.0 on Windows Server 2012 R2. To get it, visit the easy-rsa page on GitHub. Note that easy-rsa was included with 2.3.2, but is no longer bundled with OpenVPN source code archives (according to the OpenVPN downloads page). Make sure that you install the OpenSSL utilities and OpenVPN RSA certificate management scripts.
Install OpenVPNĭownload the package from the official website here (OpenVPN 2.3.2) and install OpenVPN server on a Windows machine.
Setting up an OpenVPN server on a Windows Server 2008 hosted on AWS.