...
Write
OneWriteup
  • Login
  • Trending
  • Articles
  • Blog
  • Tutorials
  • News
  • Research
  • Top 10 Lists
  • Case Studies
  • Writeup
  • Interviews
  • Personal Stories
  • Infographics
No Result
View All Result
  • Trending
  • Articles
  • Blog
  • Tutorials
  • News
  • Research
  • Top 10 Lists
  • Case Studies
  • Writeup
  • Interviews
  • Personal Stories
  • Infographics
No Result
View All Result
OneWriteup
No Result
View All Result

How to Configure OpenVPN Server for Multi Clients Setup in Windows?

FOUNDER by FOUNDER
August 19, 2025
Reading Time: 8 mins read
38
0
onewriteup.com
Share on FacebookShare on Twitter

 

OpenVPN is a powerful and flexible VPN solution that allows you to secure your internet connection and ensure privacy. This guide will walk you through the step-by-step process of setting up an OpenVPN server on a Windows machine and configuring it for secure, remote access.

STEP 1: Download OpenVPN

Begin by downloading the latest version of OpenVPN for Windows from the official website:

Download OpenVPN

 

STEP 2: Install OpenVPN Server on Windows

  1. Run the Setup File:
    • Launch the OpenVPN installer.
    • Choose the option to Customize the installation.

  2. Customize the Installation:
    • Expand the OpenVPN Service option by clicking the plus button (+) and select Will be installed on local hard drive.
    • Similarly, expand the OpenSSL Utilities option and select Will be installed on local hard drive.
    • Proceed with the installation by clicking Install Now.

 

 

 

 

 

 

 

STEP 3: Create Certificates and Keys for the Server

  1. Open CMD with Administrator privileges:
  2. Navigate to the directory 'C:\Program Files\OpenVPN\easy-rsa\'
  3. Run EasyRSA-Start.bat script:
  4. Delete the default configuration of OpenVPN:
    ./easyrsa clean-all

  5. Initialize a database and directory structure for the Public Key Infrastructure (PKI):
    ./easyrsa init-pki
  6. Create a Certificate Authority (CA) without a pass:
    ./easyrsa build-ca nopass
    Name your CA (e.g.,
    server1.local).

  7. Create certificates and keys for an OpenVPN server:
    /easyrsa build-server-full Server nopass

  8. Initialize Diffie-Hellman Parameter for secure key exchange:
    ./easyrsa gen-dh

STEP 4: Configure OpenVPN server

  1. Create a new folder called `Server-Config-Files` on desktop
  2. Copy the following files from the Easy-RSA directory to the Server-Config-Files folder:
    • ca.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\)
    • dh.pem (from C:\Program Files\OpenVPN\easy-rsa\pki\)
    • Server.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\issued\)
    • Server.key (from C:\Program Files\OpenVPN\easy-rsa\pki\private\)These are all of the copied files we have stored

3.  Create a configuration file for the OpenVPN server called Server.ovpn

port 1194
proto udp
dev tun

ca ca.crt
cert Server.crt
key Server.key
dh dh.pem

server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

keepalive 10 120

push "route 10.10.0.0 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1"

comp-lzo
persist-key
persist-tun

status openvpn-status.log
verb 3

 

If you’re running your OpenVPN server and want to allow all clients to access each other, you can follow these steps:

 Edit the OpenVPN Server Configuration File

  1. Add  the following line to server.ovpn:
    client-to-client
    • This directive allows the clients to communicate with each other through the VPN.

 

4. Copy all configuration files and folders of `Server-Config-Files` and paste on

C:\Program Files\OpenVPN\easy-rsa\pki\private\

C:\Program Files\OpenVPN\config-auto\

 

5. Enable the IPEnableRouter option to allow client to access the Internal LAN

  • Open the Registry Editor by typing regedit in the Run dialog (Win + R).
  • Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters.
  • Set the value of IPEnableRouter to 1.

|

6. Configure Internet sharing between LAN and VPN tunnel

Go to Network and Sharing Center and set up internet connection sharing between your LAN and the VPN tunnel interface.

 

7. Adjust the firewall to allow port 1194 /udp

  • Open Windows Defender Firewall.
  • Under Inbound Rules, create a new rule to allow UDP traffic on port 1194.
  • Name the rule “OpenVPN” and save it.

 

STEP 5: Create a Client Profile

  1. Generate Client Certificates and Keys:
    • Create the client’s certificate and key using the following command:

      ./easyrsa build-client-full Client1 nopass


    • Confirm the process when prompted.
  2. Create a Client Configuration Directory:
    • On your desktop, create a folder named Client-Config-Files.
  3. Copy Client Certificates and Keys:
    • Copy the following files to the Client-Config-Files folder:
      • ca.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\)|
      • Client1.crt (from C:\Program Files\OpenVPN\easy-rsa\pki\issued\)
      • Client1.key (from C:\Program Files\OpenVPN\easy-rsa\pki\private\)

STEP 6: Set Up the OpenVPN Client

  1. Now send these files to the client machine.
  2. Restart OpenVPN service to apply the changesNavigate to OpenVPNService and restart.

    OpenVPN server configuration on Windows is complete.
    Now move to a Windows client machine to perform the test.

  3. Download and install OpenVPN on the client similar to the process on the server. (In Step 2)
  4. Create a configuration file for the OpenVPN server called client.ovpn
    client
    dev tun
    proto udp
    remote Your-Public-IP-Address 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tunca ca.crt
    cert Client1.crt
    key Client1.keycomp-lzo
    dhcp-option DNS 8.8.8.8
    dhcp-option DNS 8.8.4.4verb 3
    Create a configuration file for the client



    Save it as Client.ovpn in Client-Config-Files folder

  5. Copy all the files to the C:\Program Files\OpenVPN\config directory
  6. Configure the firewall to allow traffic through port 1194/UDP

    Go to Windows Defender Firewall and select Outbound Rules and create a New Rule.
    Select Port > UDP  and use port 1194

    Allow this connection for the port.

     

    Write OpenVPN in name and click on finish.

    Now you Are Successfully connected to the server.

    You can create as much clients profile as you want for multiple user access.

 

Disclaimer: This blog is for educational purposes only, promoting awareness of ethical hacking and cybersecurity to help readers protect against cyber threats. All content is based on lawful experiments on our own systems. No illegal activities are endorsed. Users agree to apply the information responsibly and legally. The blog and author are not liable for any misuse. By using this blog, you agree to use all knowledge ethically and legally. [Read full disclaimer].

Buy me a coffee
FOUNDER

FOUNDER

Cybersecurity aficionado committed to disseminating expertise, crafting articles that empower others to resolve errors and fortify online defenses with ease.

Recently Posted

Beginner’s Guide to Reverse Engineering Malware with dnSpy

Beginner’s Guide to Reverse Engineering Malware with dnSpy.

August 19, 2025
196
DNS Based Data Exfiltration Using Burp Collaborator Client

DNS Based Data Exfiltration Using Burp Collaborator Client

August 19, 2025
153
Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

August 19, 2025
1.7k
HOW To BECOME AN ETHICAL HACKER ROADMAP

Free Cybersecurity Roadmap for Ethical Hacking Career in 2025

August 19, 2025
906
Load More

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

How to use bloodhound tool for pentesting

How to use Bloodhound / Sharphound for Pentesting Active Directory?

August 19, 2025
769
What is Access Control List (ACL) and How to exploit it in Active Directory?

What is Access Control List (ACL) and How to exploit it in Active Directory?

August 19, 2025
191

Popular Story

  • Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

    Jailbreak Gemini 2.5 Pro: A Guide to CLI Access and Jailbreaking in Kali Linux

    307 shares
    Share 123 Tweet 77
  • 100 Most Asked SOC Analyst Interview Questions For Freshers

    131 shares
    Share 52 Tweet 33
  • How to Configure OpenVPN Server for Multi Clients Setup in Windows?

    55 shares
    Share 22 Tweet 14
  • OSCP vs OSCP+: What New Changes Have Been Made?

    127 shares
    Share 51 Tweet 32
  • 7 Steps To Remove Leaked Private Photos or Videos from the Internet.

    73 shares
    Share 29 Tweet 18

Support This Write-Up. Fund the Next

Buy me a coffee
OneWriteup

Discover expert cybersecurity articles, tutorials, and the latest trends to protect your digital world.

  • Disclaimer
  • About Us
  • Feedback
  • Contact Us
  • Report
  • Privacy Policy
  • Community Guidelines
  • Terms Of Service

© 2024 OneWriteup

No Result
View All Result
  • Trending
  • Articles
  • News
  • Blog
  • Tutorials
  • Research
  • Top 10 Lists
  • Case Studies
  • Interviews
  • Login

© 2024 OneWriteup

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.