Write
OneWriteup
  • Login
  • Trending
  • Articles
  • Blog
  • Tutorials
  • News
  • Research
  • Top 10 Lists
  • Case Studies
  • Writeup
  • Interviews
  • Personal Stories
  • Infographics
No Result
View All Result
  • Trending
  • Articles
  • Blog
  • Tutorials
  • News
  • Research
  • Top 10 Lists
  • Case Studies
  • Writeup
  • Interviews
  • Personal Stories
  • Infographics
No Result
View All Result
OneWriteup
No Result
View All Result

How to Configure OpenVPN Server for Multi Clients Setup in Windows?

FOUNDER by FOUNDER
August 19, 2025
Reading Time: 8 mins read
36
0
onewriteup.com
Share on FacebookShare on Twitter

 

OpenVPN is a powerful and flexible VPN solution that allows you to secure your internet connection and ensure privacy. This guide will walk you through the step-by-step process of setting up an OpenVPN server on a Windows machine and configuring it for secure, remote access.

STEP 1: Download OpenVPN

Begin by downloading the latest version of OpenVPN for Windows from the official website:

Download OpenVPN

 

STEP 2: Install OpenVPN Server on Windows

  1. Run the Setup File:
    • Launch the OpenVPN installer.
    • Choose the option to Customize the installation.

  2. Customize the Installation:
    • Expand the OpenVPN Service option by clicking the plus button (+) and select Will be installed on local hard drive.
    • Similarly, expand the OpenSSL Utilities option and select Will be installed on local hard drive.
    • Proceed with the installation by clicking Install Now.

 

 

 

 

 

 

 

STEP 3: Create Certificates and Keys for the Server

  1. Open CMD with Administrator privileges:
  2. Navigate to the directory 'C:\Program Files\OpenVPN\easy-rsa\'
  3. Run EasyRSA-Start.bat script:
  4. Delete the default configuration of OpenVPN:
    ./easyrsa clean-all

  5. Initialize a database and directory structure for the Public Key Infrastructure (PKI):
    ./easyrsa init-pki
  6. Create a Certificate Authority (CA) without a pass:
    ./easyrsa build-ca nopass
    Name your CA (e.g.,
    server1.local).

  7. Create certificates and keys for an OpenVPN server:
    /easyrsa build-server-full Server nopass

  8. Initialize Diffie-Hellman Parameter for secure key exchange:
    ./easyrsa gen-dh

STEP 4: Configure OpenVPN server

  1. Create a new folder called `Server-Config-Files` on desktop
  2. Copy the following files from the Easy-RSA directory to the Server-Config-Files folder:
    • ca.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\)
    • dh.pem (from C:\Program Files\OpenVPN\easy-rsa\pki\)
    • Server.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\issued\)
    • Server.key (from C:\Program Files\OpenVPN\easy-rsa\pki\private\)These are all of the copied files we have stored

3.  Create a configuration file for the OpenVPN server called Server.ovpn

port 1194
proto udp
dev tun

ca ca.crt
cert Server.crt
key Server.key
dh dh.pem

server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

keepalive 10 120

push "route 10.10.0.0 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1"

comp-lzo
persist-key
persist-tun

status openvpn-status.log
verb 3

 

If you’re running your OpenVPN server and want to allow all clients to access each other, you can follow these steps:

 Edit the OpenVPN Server Configuration File

  1. Add  the following line to server.ovpn:
    client-to-client
    • This directive allows the clients to communicate with each other through the VPN.

 

4. Copy all configuration files and folders of `Server-Config-Files` and paste on

C:\Program Files\OpenVPN\easy-rsa\pki\private\

C:\Program Files\OpenVPN\config-auto\

 

5. Enable the IPEnableRouter option to allow client to access the Internal LAN

  • Open the Registry Editor by typing regedit in the Run dialog (Win + R).
  • Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters.
  • Set the value of IPEnableRouter to 1.

|

6. Configure Internet sharing between LAN and VPN tunnel

Go to Network and Sharing Center and set up internet connection sharing between your LAN and the VPN tunnel interface.

 

7. Adjust the firewall to allow port 1194 /udp

  • Open Windows Defender Firewall.
  • Under Inbound Rules, create a new rule to allow UDP traffic on port 1194.
  • Name the rule “OpenVPN” and save it.

 

STEP 5: Create a Client Profile

  1. Generate Client Certificates and Keys:
    • Create the client’s certificate and key using the following command:

      ./easyrsa build-client-full Client1 nopass


    • Confirm the process when prompted.
  2. Create a Client Configuration Directory:
    • On your desktop, create a folder named Client-Config-Files.
  3. Copy Client Certificates and Keys:
    • Copy the following files to the Client-Config-Files folder:
      • ca.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\)|
      • Client1.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\issued\)
      • Client1.key (from C:\Program Files\OpenVPN\easy-rsa\pki\private\)

STEP 6: Set Up the OpenVPN Client

  1. Now send these files to the client machine.
  2. Restart OpenVPN service to apply the changesNavigate to OpenVPNService and restart.

    OpenVPN server configuration on Windows is complete.
    Now move to a Windows client machine to perform the test.

  3. Download and install OpenVPN on the client similar to the process on the server. (In Step 2)
  4. Create a configuration file for the OpenVPN server called client.ovpn
    client
    dev tun
    proto udp
    remote Your-Public-IP-Address 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tunca ca.crt
    cert Client1.crt
    key Client1.keycomp-lzo
    dhcp-option DNS 8.8.8.8
    dhcp-option DNS 8.8.4.4verb 3
    Create a configuration file for the client



    Save it as Client.ovpn in Client-Config-Files folder

  5. Copy all the files to the C:\Program Files\OpenVPN\config directory
  6. Configure the firewall to allow traffic through port 1194/UDP

    Go to Windows Defender Firewall and select Outbound Rules and create a New Rule.
    Select Port > UDP  and use port 1194

    Allow this connection for the port.

     

    Write OpenVPN in name and click on finish.

    Now you Are Successfully connected to the server.

    You can create as much clients profile as you want for multiple user access.

 

Disclaimer: This blog is for educational purposes only, promoting awareness of ethical hacking and cybersecurity to help readers protect against cyber threats. All content is based on lawful experiments on our own systems. No illegal activities are endorsed. Users agree to apply the information responsibly and legally. The blog and author are not liable for any misuse. By using this blog, you agree to use all knowledge ethically and legally. [Read full disclaimer].

Buy me a coffee
FOUNDER

FOUNDER

Cybersecurity aficionado committed to disseminating expertise, crafting articles that empower others to resolve errors and fortify online defenses with ease.

Recently Posted

Beginner’s Guide to Reverse Engineering Malware with dnSpy

Beginner’s Guide to Reverse Engineering Malware with dnSpy.

August 19, 2025
176
DNS Based Data Exfiltration Using Burp Collaborator Client

DNS Based Data Exfiltration Using Burp Collaborator Client

August 19, 2025
143
Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

August 19, 2025
1.1k
HOW To BECOME AN ETHICAL HACKER ROADMAP

Free Cybersecurity Roadmap for Ethical Hacking Career in 2025

August 19, 2025
885
Load More

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

how-i-hacked-a-hack-the-box-machine-using-ai

How I Hacked a Hack The Box Machine “Jarvis” Using White Rabbit Neo AI ?

August 19, 2025
214
How To Create Vulnerable Active Directory HomeLab for Penetration Testing?

How To Create Vulnerable Active Directory HomeLab for Penetration Testing?

August 19, 2025
267

Popular Story

  • Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

    Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

    202 shares
    Share 81 Tweet 51
  • 100 Most Asked SOC Analyst Interview Questions For Freshers

    125 shares
    Share 50 Tweet 31
  • OSCP vs OSCP+: What New Changes Have Been Made?

    119 shares
    Share 48 Tweet 30
  • NoSQL Injection Complete Guide, Types, Examples, Cheat Sheet

    57 shares
    Share 23 Tweet 14
  • How to use Bloodhound / Sharphound for Pentesting Active Directory?

    130 shares
    Share 52 Tweet 33

Support This Write-Up. Fund the Next

Buy me a coffee
OneWriteup

Discover expert cybersecurity articles, tutorials, and the latest trends to protect your digital world.

  • Disclaimer
  • About Us
  • Feedback
  • Contact Us
  • Report
  • Privacy Policy
  • Community Guidelines
  • Terms Of Service

© 2024 OneWriteup

No Result
View All Result
  • Trending
  • Articles
  • News
  • Blog
  • Tutorials
  • Research
  • Top 10 Lists
  • Case Studies
  • Interviews
  • Login

© 2024 OneWriteup

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In