Here is how to do it on iOS and OSX assuming you have followed my instructions for the server setup.
Generate new keys
From the easy-rsa directory you created while generating the server keys, create a new keypair for your phone:
./build-key iphone # "iphone" as Name, no password
and for your laptop:
./build-key osx # "osx" as Name, no password
Using OpenVPN Connect on iOS
The app you need to install from the App Store is OpenVPN Connect.
Once it's installed, connect your phone to your computer and transfer the following files using iTunes:
You should then be able to select it after launching the app. See the official FAQ if you run into any problems.
iphone.ovpn is a configuration file that you need to supply since the
OpenVPN Connect app doesn't have a configuration interface. You can use this
script to generate it
or write it from scratch using this
On Linux, you can also create a configuration file using Network Manager 1.2, use the following command:
nmcli connection export hafnarfjordur > iphone.ovpn
though that didn't quite work in my experience.
Here is the config I successfully used to connect to my server:
client remote hafnarfjordur.fmarier.org 1194 ca ca.crt cert iphone.crt key iphone.key cipher AES-256-CBC auth SHA384 comp-lzo yes proto udp tls-remote server remote-cert-tls server ns-cert-type server tls-auth ta.key 1
Using Viscosity on Mac OSX
One of the possible OpenVPN clients you can use on OSX is Viscosity.
Here are the settings you'll need to change when setting up a new VPN connection:
- Remote server:
- Remote server:
- Type: SSL/TLS client
- direction: 1
- peer certificate: require server nsCertType
- compression: turn LZO on
- send all traffic on VPN
add the following extra OpenVPN configuration commands:
cipher AES-256-CBC auth SHA384