====== Installing OpenVPN on Ubuntu 8.04 ======
thereis a good guide at [[https://help.ubuntu.com/11.10/serverguide/openvpn.html]]
<code>
apt-get install openvpn openssl 
cd /usr/share/doc/openvpn/examples/easy-rsa/2.0
nano vars
source ./vars
./clean-all
./build-ca
./build-key-server [server-name]
</code>
leave password blank and answer yes to sign certificate and to commit. 
<code>
./build-dh
./build-key [client-name]
cd keys/
cp myservername.crt myservername.key ca.crt dh1024.pem /etc/openvpn/
cd /usr/share/doc/openvpn/examples/sample-config-files
gzip -d server.conf.gz
cp server.conf /etc/openvpn/
cd /etc/openvpn/
nano server.conf
</code>
change the line 
  ;push "redirect-gateway"
to 
  push "redirect-gateway def1"
(notice that there is no ; at the begining anymore!)

and if you feel like having a little more security also uncomment tese two lines and change the group name to "nogroup" rather than "nobody" 
<code>
user nobody
group nogroup
</code>

also uncomment the line 
  client-to-client

===== optional: NAT for vpn clients =====
if you want your vpn clients to be able to use this server as their internet gateway as well continue here: 
<code>
apt-get install iptables
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
</code>
put the last two lines in your /etc/rc.local if you want this service to be available after the next reboot again

==== configure your client ====
copy the files ca.crt, client.crt and client.key from the server in ///usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/// to your client. also copy the example config file for the client from ///usr/share/doc/openvpn/examples/sample-config-files/client.conf/// to the same directory on your client as the certificates. 
adjust the name of your server in the client config file and again the nouser, nogroup to help with security.