How to install OpenVPN Server

yum install epel-release -y
yum update -y
cd /opt/
systemctl stop firewalld
systemctl mask firewalld
systemctl disable firewalld
yum install -y iptables-services
systemctl start iptables
/sbin/sysctl -w net.ipv4.ip_forward=1
Nếu không có thì
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
/sbin/sysctl -p
vi /usr/lib/sysctl.d/50-default.conf
net.ipv4.ip_forward = 1
curl -O https://raw.githubusercontent.com/Angristan/openvpn-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
./openvpn-install.sh
Hoặc chạy lệnh sau:
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

vi /etc/openvpn/server.conf
Edit theo các dòng dưới sau:
server 10.9.0.0 255.255.255.0
#push "redirect-gateway def1 bypass-dhcp"
push "route 10.9.0.0 255.255.255.0"
push "route 10.30.10.0 255.255.255.0" # IP Range local
systemctl restart openvpn@server.service
systemctl enable openvpn@server.service
vi /etc/sysconfig/iptables

*nat
:PREROUTING ACCEPT [2:120]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 10.30.10.5
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.8.0.0/24 -o eth1 -j MASQUERADE
COMMIT
# Completed on Thu Oct 13 09:54:16 2016
# Generated by iptables-save v1.4.7 on Thu Oct 13 09:54:16 2016
*filter
:INPUT ACCEPT [218:30100]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [578:56142]
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2728 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8069 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10050 -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
systemctl restart openvpn@server.service
systemctl restart iptables
iptables -L
ln -s /opt/openvpn-install.sh /usr/bin/vpn-create-user