Create a file /usr/local/etc/openvpn/idefix.ovpn:
client dev tun proto udp remote <server-host> <port> resolv-retry infinite nobind ca /usr/local/etc/openvpn/keys/ca.crt cert /usr/local/etc/openvpn/keys/idefix.crt key /usr/local/etc/openvpn/keys/idefix.key comp-lzo verb 1 mute 10
Copy the the keyfiles from the server to the client into the directory /usr/local/etc/openvpn/keys.
Edit /etc/rc.conf:
openvpn_enable="YES" # YES or NO openvpn_if="tun" # driver(s) to load, set to "tun", "tap" or "tun tap" openvpn_flags="" # openvpn command line flags openvpn_configfile="/usr/local/etc/openvpn/idefix.ovpn" # --config file openvpn_dir="/usr/local/etc/openvpn" # --cd directory
Start vpn connection now with /usr/local/etc/rc.d/openvpn start.
Check /var/log/messages for error etc.
We store our keys on:
cd /usr/local/etc/openvpn/keys-server/
Configure config file to point to the folder /usr/local/etc/openvpn/keys-server/:
cp /usr/local/share/easy-rsa/vars . vi vars (change at least line KEY_DIR)
Create the server keys with:
bash cd /usr/local/share/easy-rsa . /usr/local/etc/openvpn/keys-server/vars ./build-ca ./build-key-server server ./build-dh
Create client keys:
bash cd /usr/local/share/easy-rsa . /usr/local/etc/openvpn/keys-server/vars ./build-key client1