OpenBSD is a free and open source operating system with a strong focus on security. OpenVPN is a free and open-source software application that implements virtual private network (VPN) techniques to create secure point-to-point or site-to-site connections.

You need to use the pkg_add command to install or update software packages on OpenBSD based system. The syntax is pretty simple:

pkg_add pkgNameHere
pkg_add -v pkgNameHere


Make sure /etc/installurl setup correctly.

$ cat /etc/installurl
https://cloudflare.cdn.openbsd.org/pub/OpenBSD

Install OpenVPN on OpenBSD

To install OpenVPN just type the following pkg_add command:

# pkg_add -v openvpn

OpenVPN client configuration on OpenBSD

I am assuming that you have a file named openbsd.ovpn. The format is as follows:

cat openbsd.ovpn


Sample outputs:

client
dev tun
proto tcp
sndbuf 0
rcvbuf 0
remote 131.x.y.z 443
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-128-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3
<ca>
-----BEGIN CERTIFICATE----
.....
..
...
-----END CERTIFICATE------
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
.....
..
..
-----END OpenVPN Static key V1-----
</tls-auth>

Install OpenVPN config file

Make a directory using the mkdir command:

# mkdir /etc/openvpn/

Copy openbsd.ovpn file from remote OpenVPN server using the OpenVPN command:

# scp vyga@openvpn-ucartz:~/.openvpn/openbsd.ovpn /etc/openvpn/

Create a file named /etc/hostname.tun0

Use a text editor such as vi commands:

# vi /etc/hostname.tun0


Append the following config:

up
!/usr/local/sbin/openvpn --daemon --config /etc/openvpn/openbsd.ovpn

Save and close the file in vi/vim.
OpenVPN normally re-creates the tun/tap interface at startup. OpenVPN should be started from the hostname.tun0.

Running OpenVPN on OpenBSD

No need to reboot the desktop. You can bring VPN online using the following command:

# /usr/local/sbin/openvpn --daemon --config /etc/openvpn/openbsd.ovpn

Verification

Use the ifconfig command to see tun0 interface:

# ifconfig tun0

Get routing info:

# netstat -nr
# netstat -nr -f inet | more


Make sure you can ping the gateway using the ping command:

$ ping 10.8.0.1
$ ping google.com
#######################################################################
### your vpn server also act as a dns server to hide dns queries too ##
$ host rootadminz.com 10.8.0.1


Finally, find out your public IP address from the command line on OpenBSD using :

$ dig +short myip.opendns.com @resolver1.opendns.com


OR

$ host myip.opendns.com resolver1.opendns.com


Sample VPN server IP address:

"131.x.y.z"

Successfully OpenVPN client running on OpenBSD desktop.

Was this answer helpful? 0 Users Found This Useful (0 Votes)