Wednesday, January 23, 2019

OpenVPN Server Setup

If you ever need to set up a VPN, either to secure your communication (read: internet privacy) or to provide remote access to your server, OpenVPN is a good option to try.

I just finished setting up OpenVPN on Ubuntu; here's the how-to link:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04

Several notes (all the commands below are executed as root):

1. Configuration file

/etc/openvpn/server.conf

2. Some useful commands
Check status: systemctl status openvpn@server
Start: systemctl start openvpn@server
Stop: systemctl stop openvpn@server
Start automatically at boot: systemctl enable openvpn@server
Check that the OpenVPN tun0 interface is up: ip addr show tun0

3. Allow client-to-client connections
- Edit server.conf and enable the client-to-client directive (uncomment it):
# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
client-to-client
- Restart the OpenVPN service
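
An added example (not part of the original notes or the linked tutorial): a small shell check for whether client-to-client is actually active in server.conf, treating both '#' and ';' as comment markers. The function names are made up for this example, and the default path is the one from note 1.

```shell
#!/bin/sh
# Added example. ovpn_directive_state and check_client_isolation are
# hypothetical helper names, not part of OpenVPN.

# Print "enabled", "commented" or "absent" for DIRECTIVE in FILE.
ovpn_directive_state() {
    file=$1
    directive=$2
    # Active: the directive is the first token on a line (indentation allowed).
    if grep -Eq "^[[:space:]]*${directive}([[:space:]]|\$)" "$file"; then
        echo enabled
    # Disabled: the same token directly behind a '#' or ';' comment marker.
    elif grep -Eq "^[[:space:]]*[#;][[:space:]]*${directive}([[:space:]]|\$)" "$file"; then
        echo commented
    else
        echo absent
    fi
}

# Summarise what the config means for client isolation.
check_client_isolation() {
    conf=${1:-/etc/openvpn/server.conf}
    case $(ovpn_directive_state "$conf" client-to-client) in
        enabled)
            echo "client-to-client ENABLED: VPN clients can see each other" ;;
        *)
            # Per the config comment above, isolation also needs a firewall
            # on the server's TUN/TAP interface.
            echo "client-to-client not enabled: also firewall the TUN/TAP interface to isolate clients" ;;
    esac
}

# Run against the file given as the first argument, if any.
if [ "$#" -gt 0 ]; then
    check_client_isolation "$1"
fi
```

Run it as root with the config path as the only argument, before and after editing server.conf, to confirm the change took the form you intended.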

4. Adding a new client
cd ~/openvpn-ca
source vars
./build-key-pass client1
(change client1 to any client name)
Note: The defaults should be populated, so you can just hit ENTER to continue. Leave the challenge password blank and make sure to enter y for the prompts that ask whether to sign and commit the certificate.

5. Generate client config
cd ~/client-configs
./make_config.sh client1
(client1 should be replaced with the client name used to generate the key)
The file will be generated in ~/client-configs/files/client1.ovpn
Transfer the .ovpn file to the client.

6. Client setup
For Mac, Tunnelblick works for me (https://tunnelblick.net/).
For Windows, OpenVPN provides a client (https://openvpn.net/community-downloads/).