yum update
yum install openvpn
which openvpn
wget https://github.com/downloads/OpenVPN/easy-rsa/easy-rsa-2.2.0_master.tar.gz
tar -zxvf easy-rsa-2.2.0_master.tar.gz
cp -R easy-rsa-2.2.0_master/easy-rsa/ /etc/openvpn/
cd /etc/openvpn/easy-rsa/2.0/
ls
vim vars
. vars
./clean-all
./build-ca
./build-key-server servidor_vpn
./build-dh
cd /etc/openvpn/
vim servidor_vpn.conf

----------------------------------------- arquivo de configurao do OpenVPN ------------------------------------------

# IP Internet do Servidor VPN
# local 200.200.200.200
port 1194
proto udp
dev tun
# Chaves e certificados do Servidor VPN
ca keys/ca.crt
cert keys/servidor_vpn.crt
key keys/servidor_vpn.key
dh keys/dh1024.pem
# Rede dos clientes VPN (diferente da LAN)
server 192.168.254.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Rota de acesso a LAN (172.17.0.0/16) para os clientes VPN
push "route 192.168.1.0 255.255.255.0"
client-to-client
# Permitir que multiplos clientes se conectem com a mesma chave/certificado
# duplicate-cn
# Autenticacao PAM
plugin /usr/lib/openvpn/plugin/lib/openvpn-auth-pam.so login
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
verb 3

----------------------------------------- arquivo de configurao do OpenVPN ------------------------------------------

mkdir /etc/openvpn/keys
mkdir /var/log/openvpn
cp /etc/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn/keys
cp /etc/openvpn/easy-rsa/2.0/keys/servidor_vpn.crt /etc/openvpn/keys
cp /etc/openvpn/easy-rsa/2.0/keys/servidor_vpn.key /etc/openvpn/keys
cp /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem /etc/openvpn/keys
service iptables restart && service openvpn restart
chkconfig openvpn on
echo 1 > /proc/sys/net/ipv4/ip_forward
setup <- libera o firewall e faz NAT com eth0 e tun0
ifconfig <- verifica se tun0 est presente.

CONFIGURAO dos CLIENTES da VPN:

cd /etc/openvpn/easy-rsa/2.0/
. vars
./build-key cliente_linux
./build-key cliente_windows

nos clientes Linux:
yum install openvpn
vim /etc/openvpn/cliente_vpn.conf

---------------------------------------

client
dev tun
proto udp
# IP Internet e porta do Servidor VPN
remote 200.200.200.200 1194
resolv-retry infinite
nobind
persist-key
persist-tun
# Chaves e certificados do cliente VPN
ca keys/ca.crt
cert keys/cliente_linux.crt
key keys/cliente_linux.key
comp-lzo
verb 3
# Autenticacao PAM
auth-user-pass

---------------------------------------

mkdir /etc/openvpn/keys
copiar os arquivos: ca.crt cliente_linux.crt e cliente_linux.key
chkconfig openvpn on
service openvpn restart && service iptables restart

nos clientes Windows:
acesse a pasta "config" do diretrio de instalao do "OpenVPN GUI" ("C:\Program Files\OpenVPN\config")
e crie um arquivo de nome "cliente_vpn.ovpn" (ateno para a extenso do arquivo!) com o seguinte contedo:

client
dev tun
proto udp
# IP Internet e porta do Servidor VPN
remote 200.200.200.200 1194
resolv-retry infinite
nobind
persist-key
persist-tun
# Chaves e certificados do cliente VPN
ca ca.crt
cert cliente_windows.crt
key cliente_windows.key
comp-lzo
verb 3
# Autenticacao PAM
auth-user-pass