OpenVPN configuration

Hello all. Who can give me step-by-step instructions for setting up an OpenVPN server and linking it to my Android phone? If it’s successful, I can pay for the information through Cash App or wire transfer. Let me know what you need to assist.

Hi! The forum is a place for free support, and I’m happy to offer my assistance at no cost.
I’ve already set up OpenVPN in IPFire, specifically the “Host-to-Net Virtual Private Network (RoadWarrior)” on several devices. I use it for various purposes, including VoIP, to remotely connect to my “analog phone line”, right from my Android phone.
If you’d like, I can help you with the OpenVPN setup specific to IPFire (Host-to-Net), so you can use it with your Android phone. Let me know if you’re interested, and feel free to ask me any questions. I think it’s easier to start with a step-by-step guide rather than explaining the entire process, which you’ll also find well-documented.

Introduction:

Just to clarify, even though you might already know this, it’s worth repeating for other users who may not be familiar with it.

For everything to work properly, it’s crucial that your ISP (on the server side) provides you with a static public IP and allows you to set up port forwarding to the local IP of the machine running the OpenVPN server.

If your ISP provides you with a dynamic IP, you will need to rely on a service like duckdns.org or similar, which will give you a static FQDN that automatically updates and always points to your dynamic public IP.

This is necessary because if remote clients don’t know the public IP where the OpenVPN server is installed, the connection can’t be established. Also, without an FQDN service, there’s no way to know your public IP if it changes frequently.

Please help. I appreciate you reaching back to me. I have a public static IP from my ISP, so what am I supposed to do next?

Chika Okoli
+1-501-5025640
LR, Arkansas

I have a static IP.

Chika Okoli
+1-501-5025640
LR, Arkansas

Perfect! If your ISP provides you with a static public IP and you have the option to configure port forwarding from your router to the IPFire machine where the OpenVPN server is installed (or if the static public IP from your ISP is directly assigned to the IPFire machine), we can proceed with the configuration.

Here’s my suggestion: I’ll send you screenshots showing how I configured my server. You can replicate the same configuration on your end. It’s the best approach and much faster than a long description.

Give me a moment to prepare the material. As soon as it’s ready, I’ll post everything here. If you follow my configuration, with a bit of luck, it should work without any issues. :wink: :blush:







This is the first part of configuration. I redid it on my emulation machine. As soon as it works for you we’ll move on…

Great. Waiting.

Chika Okoli

LR, Arkansas




This is the last stage of server configuration.

Thanks. It will be 7 hours before I am home again. I am at work currently.

Chika Okoli
+1-501-5025640
LR, Arkansas

CLIENT-SIDE PROCEDURE:

  • Download the client package from IPFire.

  • Modify the “filename.ovpn” by deleting all the content, leaving only the following configuration.

  • Upload everything to a folder on your phone and install the “OpenVPN Connect” app from the Google Play Store.

  • On your phone, you will need to install the certificate, the “ta.key” file, and configure the newly installed app.

This is the most complex part, as the steps may vary slightly depending on the Android version of your phone’s operating system.

Make sure there are no NATs on the destination port (see point 4). Below is the full list of client-side procedures, including the .ovpn file.

Try it out and let me know how it goes.
Good luck! :blush:



#OpenVPN Client conf
tls-client
client
nobind
dev tun
proto udp
tun-mtu 1500

#(Public ip of your ISP where you have the OpenVpn machine, followed by the OpenVpn server service port)
remote 85.xx.xx.xx 487

cipher AES-256-GCM
auth SHA512
tls-auth ta.key
verb 3
remote-cert-tls server
verify-x509-name certificate.host.net name
mssfix
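
A small check for the client profile above, added here as an example (it is not part of the original post or of IPFire): it parses an .ovpn file and reports missing server-verification directives and non-AEAD ciphers. The function names and finding strings are assumptions; the sample is the posted profile with its placeholder address kept.

```python
# Constructed sample: the client profile from the post above, placeholder IP kept.
SAMPLE_PROFILE = """\
#OpenVPN Client conf
tls-client
client
nobind
dev tun
proto udp
tun-mtu 1500
remote 85.xx.xx.xx 487
cipher AES-256-GCM
auth SHA512
tls-auth ta.key
verb 3
remote-cert-tls server
verify-x509-name certificate.host.net name
mssfix
"""

def parse_profile(text):
    """Map each directive to its argument lists; skip comments and inline <blocks>."""
    found, block = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if block:  # inside inline material such as <ca>...</ca>
            block = None if line == f"</{block}>" else block
            continue
        if not line or line[0] in "#;":
            continue
        if line.startswith("<") and line.endswith(">"):
            block = line[1:-1]
        name, *args = line.strip("<>").split()
        found.setdefault(name, []).append(args)
    return found

def audit_profile(text):
    """Return findings for missing or weak server-authentication and crypto settings."""
    d, findings = parse_profile(text), []
    if ["server"] not in d.get("remote-cert-tls", []):  # peer must hold a server cert
        findings.append("remote-cert-tls server missing")
    if "verify-x509-name" not in d:  # pins the expected server certificate name
        findings.append("verify-x509-name missing")
    if not {"tls-auth", "tls-crypt"} & d.keys():  # pre-shared key on control channel
        findings.append("tls-auth/tls-crypt missing")
    for args in d.get("cipher", []) + d.get("data-ciphers", []):
        for c in filter(None, ":".join(args).upper().split(":")):
            if not c.endswith("-GCM") and c != "CHACHA20-POLY1305":
                findings.append(f"non-AEAD cipher {c}")
    for args in d.get("auth", []):
        if args and args[0].upper() in ("MD5", "SHA1", "NONE"):
            findings.append(f"legacy or disabled auth digest {args[0]}")
    return findings
```

Run `audit_profile()` on the edited file before copying it to the phone; an empty list means the checks above all passed.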

What is the highlighted?
Is that the LAN or the WAN?

Please check the highlighted area. The system reported an error.

I believe it’s the same DNS configuration you use for browsing. I’ve set the local IP of the GREEN interface on IPFire, and it works fine for me. It should also work with Google’s DNS servers, 8.8.8.8 and 8.8.4.4. You can give it a try. If needed, you can always change it later.

That is the virtual network for OpenVPN. The IP range will be assigned to the VPN connections on the clients. You can leave it as is and keep the default settings without any changes.

The port can be left as UDP port with the default value. It is important that it is open in the router.

Great

Chika Okoli
+1-501-5025640
LR, Arkansas
