The following example creates a point-to-point VPN tunnel. It
demonstrates how to create a VPN tunnel between one client and a server.
It is assumed that your VPN server will use private IP addresses like
10.23.8.1
and your client
the IP address 10.23.8.2
.
You can modify these private IP addresses to your needs but make sure you
select addresses which do not conflict with other IP addresses.
![]() | Use It Only For Testing |
---|---|
This scenario is only useful for testing and is considered as an example to get familiar with VPN. Do not use this as a real world scenario to connect as it can compromise your security and the safety of your IT infrastructure! |
To configure a VPN server, do the following:
Install the package openvpn
on the machine that will later become your VPN server.
Open a shell, become root
and create the VPN secret key:
openvpn --genkey --secret /etc/openvpn/secret.key
Copy the secret key to your client:
scp /etc/openvpn/secret.key root@10.23.8.2:/etc/openvpn/
Create the file /etc/openvpn/server.conf
with the
following content:
dev tun ifconfig 10.23.8.1 10.23.8.2 secret secret.key
Start the YaST firewall module and open UDP port 1194.
Start the OpenVPN service as root
:
rcopenvpn start
To configure the VPN client, do the following:
Install the package openvpn
on your client VPN machine.
Create /etc/openvpn/server.conf
with the
following content:
remote IP_OF_SERVER dev tun ifconfig 10.23.8.2 10.23.8.1 secret secret.key
Replace the placeholder IP_OF_SERVER
in the
first line with either the domain name, or the public IP address of
your server.
Start the OpenVPN service as root
:
rcopenvpn start
After the OpenVPN is successfully started, test if the tun device is available. You can do so with the following command:
ifconfig tun0
To verify the VPN connection, use ping on both client and server to see if you can reach each other. Ping server from client:
ping 10.23.8.1
Ping client from server:
ping 10.23.8.2