OpenVPN:Client Configuration: Difference between revisions

Latest revision as of 13:44, 1 January 2026

This document describes how to configure OpenVPN clients.

Client Files

Client configuration files (.ovpn) are stored in /root/:

josh.ovpn

Work_MacBook_Air.ovpn

StrawberryNAS.ovpn (Synology NAS)

Client Configuration Structure

Each client .ovpn file contains:

Client certificate

Client private key

CA certificate

TLS-Crypt key

Connection settings (server IP, port, protocol)

Client Configuration Directory

Per-client configurations can be placed in /etc/openvpn/ccd/ to assign static IP addresses or custom routes.

Current CCD Files:

StrawberryNAS - Static IP configuration for Synology NAS (10.8.0.2)

Example CCD File

Example CCD file content:

ifconfig-push 10.8.0.2 255.255.255.0

This assigns a static IP address (10.8.0.2) to the client named "StrawberryNAS". The second parameter is the netmask for the VPN subnet.

Client Connection

Connecting from Client

Install OpenVPN client on the device

Import the `.ovpn` file into the OpenVPN client

Connect using the client application

Synology NAS Connection

The Synology NAS connects using StrawberryNAS.ovpn and typically receives IP address 10.8.0.2.

Verifying Connection

From the server, verify client is connected:

==== Check connected clients ====
cat /etc/openvpn/server/ipp.txt

== Check VPN interface ==
ip addr show tun0

== Ping client ==
ping 10.8.0.2

@@ Line 1: / Line 1: @@
-= OpenVPN Client Configuration =
 This document describes how to configure OpenVPN clients.
@@ Line 7: / Line 5: @@
 Client configuration files (<code>.ovpn</code>) are stored in <code>/root/</code>:
-'' <code>josh.ovpn</code>
+* <code>josh.ovpn</code>
-'' <code>Work_MacBook_Air.ovpn</code>
-'' <code>StrawberryNAS.ovpn</code> (Synology NAS)
+* <code>Work_MacBook_Air.ovpn</code>
+* <code>StrawberryNAS.ovpn</code> (Synology NAS)
 == Client Configuration Structure ==
 Each client <code>.ovpn</code> file contains:
-'' Client certificate
+* Client certificate
-'' Client private key
-'' CA certificate
+* Client private key
-'' TLS-Crypt key
-'' Connection settings (server IP, port, protocol)
+* CA certificate
+* TLS-Crypt key
+* Connection settings (server IP, port, protocol)
 == Client Configuration Directory ==
@@ Line 25: / Line 29: @@
 '''Current CCD Files''':
-'' <code>StrawberryNAS</code> - Static IP configuration for Synology NAS (10.8.0.2)
+* <code>StrawberryNAS</code> - Static IP configuration for Synology NAS (10.8.0.2)
 === Example CCD File ===
@@ Line 40: / Line 44: @@
 === Connecting from Client ===
-= '''Install OpenVPN client''' on the device =
+==== '''Install OpenVPN client''' on the device ====
-= '''Import the <code>.ovpn</code> file''' into the OpenVPN client =
+== '''Import the <code>.ovpn</code> file''' into the OpenVPN client ==
-= '''Connect''' using the client application =
+== '''Connect''' using the client application ==
 === Synology NAS Connection ===
@@ Line 53: / Line 57: @@
 <pre class="lang-bash">
-= Check connected clients =
+==== Check connected clients ====
 cat /etc/openvpn/server/ipp.txt
-= Check VPN interface =
+== Check VPN interface ==
 ip addr show tun0
-= Ping client =
+== Ping client ==
 ping 10.8.0.2
 </pre>
@@ Line 65: / Line 69: @@
 == Related Documentation ==
-'' [Server Configuration](server-configuration.md) - Server setup
+* [Server Configuration](server-configuration.md) - Server setup
-'' [User Management](user-management.md) - Adding new clients
-'' [Certificate Management](certificate-management.md) - Certificate details
+* [User Management](user-management.md) - Adding new clients
+* [Certificate Management](certificate-management.md) - Certificate details
 [[Category:Documentation]]
 [[Category:Documentation/OpenVPN]]