How to Install OpenVPN Server on Windows 10 Pro 22H2 (Build 19045.3448)

1. Set up OpenVPN

Set up an OpenVPN connection following this guide

2. Generate a TA key

Generate a TA key and place it in the same folder as the other certificates/keys:

openvpn --genkey --secret ta.key

3. Update server.ovpn profile

Append the following lines to your server.ovpn profile:

# Route all traffic through VPN
push "redirect-gateway def1"
# Push Google DNS to prevent leak
push "dhcp-option DNS 8.8.8.8"
    

4. Update client.ovpn profile

Append the following lines to your client.ovpn profile:

# Block DNS leak
block-outside-dns
    

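Here is my completed configuration file:

local 1.2.3.4
port 9194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
# Control-channel key file. Step 2 generates ta.key, so this name must match the key file you actually created.
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
# Pushed from the server here; same effect as adding block-outside-dns to the client profile (step 4)
push "block-outside-dns"
keepalive 10 120
cipher AES-256-CBC
# user/group privilege drop applies on Unix-like hosts only
user nobody
group nogroup
persist-key
persist-tun
# PAM username/password plugin. This is a Linux path and does not exist on a Windows host.
plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so login
# No client certificate is required, so clients authenticate with username/password only.
# OpenVPN 2.5 and later spell this option: verify-client-cert none
client-cert-not-required
username-as-common-name
verb 3
crl-verify crl.pem
explicit-exit-notify
# Allows several simultaneous connections that share one common name
duplicate-cn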

5. Service Tweaks

  1. Open the Services window
  2. Find Routing and Remote Access and set it to: Startup type – Automatic
  3. Start the service

6. Adapter Tweaks

  1. Open the network adapters window
  2. Right-click your internet adapter (e.g. Ethernet) and then: Properties -> Sharing -> Allow other network users to connect through this computer’s Internet connection
  3. (if applicable) From the drop-down list select your OpenVPN TAP adapter (e.g. Ethernet 2)
  4. Note: Only one adapter can be shared at a time, so if you don’t see the Sharing tab, make sure no other adapter is being shared.

7. Registry Tweaks

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Value: IPEnableRouter

Type: REG_DWORD

Data: 0x00000001 (1)
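
Steps 5 and 7 can also be applied and read back from an elevated PowerShell prompt, which leaves a record of what was changed and shows which interfaces actually forward traffic afterwards. The script below is an added example, not part of the original guide; it assumes the service name RemoteAccess (the internal name behind the Routing and Remote Access display name) and leaves step 6 (ICS sharing) to the GUI.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted form of step 5 (service) and step 7 (registry),
# followed by a read-back of the resulting state.
$ErrorActionPreference = 'Stop'

# Assumption: 'RemoteAccess' is the service name of "Routing and Remote Access".
$svcName = 'RemoteAccess'
$regPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$regName = 'IPEnableRouter'

# Step 5: set startup type to Automatic, then start the service if needed.
Set-Service -Name $svcName -StartupType Automatic
if ((Get-Service -Name $svcName).Status -ne 'Running') {
    Start-Service -Name $svcName
}

# Step 7: IPEnableRouter = 1 (REG_DWORD). Keep the previous value so the
# change can be reverted or explained later.
$before = (Get-ItemProperty -Path $regPath -Name $regName `
           -ErrorAction SilentlyContinue).$regName
if ($before -ne 1) {
    New-ItemProperty -Path $regPath -Name $regName `
        -PropertyType DWord -Value 1 -Force | Out-Null
}

# Read back what is now configured.
$svc   = Get-CimInstance -ClassName Win32_Service -Filter "Name='$svcName'"
$after = (Get-ItemProperty -Path $regPath -Name $regName).$regName
[pscustomobject]@{
    Service              = $svc.Name
    StartMode            = $svc.StartMode   # 'Auto' when set to Automatic
    State                = $svc.State
    IPEnableRouterBefore = $before
    IPEnableRouterNow    = $after
} | Format-List

# This host now routes packets between networks. List the per-interface
# IPv4 forwarding state so you can confirm that only the adapters you
# expect (internet adapter and OpenVPN TAP adapter) are involved.
Get-NetIPInterface -AddressFamily IPv4 |
    Sort-Object InterfaceAlias |
    Format-Table InterfaceAlias, Forwarding, ConnectionState -AutoSize
```

Running it a second time changes nothing and only reprints the state, so it can double as a check after a reboot.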

8. Configure a Static Route (if behind a router)

You have to route all packets sent to the client’s virtual IP back to the VPN server.

Example using Cisco router:

  • 10.8.0.0 – virtual network subnet
  • 255.255.255.0 – virtual network subnet mask
  • 192.168.1.175 – VPN server internal IP (in the subnet of the router)

9. Issues with ICS (Internet Connection Sharing)

There are a few issues you might encounter when using OpenVPN together with ICS:

  • ICS by default automatically assigns a static IP (192.168.137.1) to your LAN adapter, which conflicts with the OpenVPN IP range. To address this, either change the OpenVPN config to use a consistent IP range or change HKLM\System\CurrentControlSet\services\SharedAccess\Parameters\ScopeAddress to 10.8.0.1.
  • On some later Windows versions, ICS might stop working after a reboot. The way to address this is mentioned in this Microsoft support article.

10. Final OpenVPN Tweaks

  1. Right-click openvpn-gui.exe and then: Properties -> Compatibility -> Run this program as an administrator
  2. (optional) Configure the OpenVPN server to start and connect automatically:
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect server.ovpn
