First let's prepare your vps. Type in the following on ssh. #yum update -y #Now you are ready to continue on the next steps. Step 1: You need to check if you have tun/tap enabled, and you need to download/install all the dependencies and openvpn it'self Code: #cat /dev/net/tun If you get "cat: /dev/net/tun: File descriptor in bad state" then you are all set! If not then ask your host to enable tun! Step 2: Now you need to install openvpn and it's dependencies. Run each of these commands ; #yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel iptables #wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm #rpmbuild --rebuild lzo-1.08-4.rf.src.rpm #wget http:// pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm #rpm -Uvh lzo-*.rpm #rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm #yum install openvpn Step 3: Now you need to change some files, copy directories, and generate the SSL keys for your server. Execute the following commands: #cp -r /usr/share/doc/openvpn-2.2.2/easy-rsa/ /etc/openvpn/ #cp -irv /etc/openvpn/easy-rsa/2.0/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/2.0/openssl.cnf #cd /etc/openvpn/easy-rsa/2.0 #chmod 755 * #source ./vars #./vars #./clean-all Step 4: In the following step you can put whatever you like for certificate details, but leave the password blank by entering "." when prompted. #./build-ca #./build-key-server server #./build-dh Step 5: Now you need to create the openvpn server config file, run the following: *To save and exit the server.conf file we press [ESC] and type: :x #cd /etc/openvpn #vi server.conf local x.x.x.x #- change it with your server ip address port 1194 proto udp dev tun tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt cert /etc/openvpn/easy-rsa/2.0/keys/server.crt key /etc/openvpn/easy-rsa/2.0/keys/server.key dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login client-cert-not-required username-as-common-name server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" keepalive 5 30 comp-lzo persist-key persist-tun status server-tcp.log verb 3 Step 6: Check your OpenVPN server is working, and configure some few extra bits for firewall, ipforwarding, auto startup, etc *If you see “Initialization Sequence Completed.” then all is good! Press [CTRL+z] to exit. #openvpn /etc/openvpn/server.conf Step 7: type the following ; #chkconfig openvpn on #chkconfig iptables on Step 8: Now change up the iptables for the VPN to work. *Again, press [ESC] to exit text mode and save/exit with :x #vi /etc/sysctl.conf Change the line: net.ipv4.ip_forward = 0 TO 1 Comment out this line: # net.ipv4.tcp_syncookies = 1 After type the following to save : #sysctl -p Step 9: We will use SNAT instead of MASQUERADE to forward data via iptables. Remember to replace x.x.x.x with your server IP #iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT #iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT #iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to x.x.x.x #service iptables save Step 10: You need to create a client config file for your VPN clients Create a config file named NameOfVPN.ovpn and put it in your %programfiles%/OpenVPN/Config/NameOfDir/ The ovpn config file should contain the following, replace x.x.x.x with your VPN IP. You will also need to copy the Server CA (Certificate Authority) crt file to each of your clients! Download ca.crt from /etc/openvpn/easy-rsa/2.0/keys and put in %programfiles%/OpenVPN/Config/NameOfDir/ client dev tun proto udp remote x.x.x.x 1194 #- your OPENVPN server ip and port resolv-retry infinite nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-key persist-tun ca ca.crt auth-user-pass comp-lzo verb 3 Step 11: Make your vpn tunnel start upon boot (adds the command to rc.local) #echo openvpn /etc/openvpn/server.conf >> /etc/rc.d/rc.local #openvpn /etc/openvpn/server.conf Final step 12: Your VPS will need to get rebooted so type the following; #reboot Useful Commands: To create a new user we type: (replace openvpn with the username) #useradd openvpn -s /bin/false To create the password we type #passwd openvpn To Delete a user type #userdel openvpn source : https://venetx.com/knowledgebase/2/How-to-create-a-OpenVPN-VPN-Server-on-CentOS-6-64bit.html