The userspace program OpenVPN can attach itself to a tun or tap device to receive
packets sent by your OS. The program is also able to write packets to the device. Read
more details in /usr/src/linux/Documentation/networking/tuntap.txt.
16.2 Creating the Simplest VPN Example
The following example creates a point-to-point VPN tunnel. It demonstrates how to
create a VPN tunnel between one client and a server. It is assumed that your VPN
server will use the IP address 10.23.8.1 and your client the IP address 10.23.8.2.
You can modify these private IP addresses to suit your needs, but make sure you select
addresses that are not already in use, to minimize problems with IP address or subnet conflicts.
WARNING: Use It Only For Testing
This scenario is only useful for testing and is intended as an example to get
used to VPN. Do not use it as a real-world scenario to connect, as it can
compromise your security and the safety of your IT infrastructure!
16.2.1 Configuring the VPN Server
To configure a VPN server, do the following:
1 Install the package openvpn on the machine that will later become your VPN
server.
2 Open a shell, become root and create the VPN secret key:
openvpn --genkey --secret /etc/openvpn/secret.key
3 Copy the secret key to your client:
scp /etc/openvpn/secret.key root@10.23.8.2:/etc/openvpn/
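The following check is an added example, not part of the original guide. It verifies that the key created in step 2 is readable only by its owner and is a well-formed 2048-bit static key, and it prints a SHA-256 fingerprint that can be compared on server and client after the copy in step 3. The function names are hypothetical; the script assumes GNU coreutils (stat -c, sha256sum) and the "OpenVPN Static key V1" file layout.

```shell
#!/bin/sh
# Added example (not from the original guide): sanity-check a static key file.
# Usage after sourcing: check_static_key /etc/openvpn/secret.key

# check_static_key FILE
# Returns 0 if FILE is private and well-formed, otherwise:
#   1 = missing/unreadable, 2 = permissions too open,
#   3 = markers missing,    4 = wrong amount of key material
check_static_key() {
    key=$1
    [ -f "$key" ] || { echo "missing: $key" >&2; return 1; }

    # The static key is the tunnel's only secret: no access for group or others.
    mode=$(stat -c %a "$key") || return 1
    case $mode in
        600|400) ;;
        *) echo "mode $mode is too permissive: $key" >&2; return 2 ;;
    esac

    # Both markers of the static key format must be present.
    grep -q '^-----BEGIN OpenVPN Static key V1-----$' "$key" || return 3
    grep -q '^-----END OpenVPN Static key V1-----$' "$key" || return 3

    # 2048 bits of key material = 512 hex digits between the markers.
    digits=$(sed -n '/^-----BEGIN/,/^-----END/p' "$key" \
        | grep -v '^-----' | tr -cd '0-9a-fA-F' | wc -c)
    [ "$digits" -eq 512 ] || {
        echo "expected 512 hex digits, found $digits" >&2
        return 4
    }
    return 0
}

# key_fingerprint FILE
# Prints the SHA-256 of FILE. Run it on the server and on the client after
# the scp step; the two values must be identical.
key_fingerprint() {
    sha256sum "$1" | cut -d' ' -f1
}
```

Compare the fingerprints over a channel other than the one used for the copy, and never paste the key file itself into that channel.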