各种桌面系统下，配置OpenVPN

Ubuntu Linux 10.10: OpenVPN Setup
    In Terminal, install openvpn packages with sudo apt-get install network-manager-openvpn.
    Restart the network manager with sudo restart network-manager
    Run sudo wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
    Extract the files from the zip with unzip openvpn.zip.
    Move ca.crt to /etc/openvpn
    Open the Network Manager on the menu bar.
    Choose add and select the OpenVPN connection type, and click Create.
    Enter Private Internet Access SSL for the Connection Name.
    Enter us-east.privateinternetaccess.com [*] for the Gateway
    Select Password and enter your login credentials.
    Browse and select the CA Certificat we saved in Step 3.
    Choose Advanced and enable LZO Compression.
    Apply and exit.
    Connect using the Network Manager.

DD-WRT: VPN OpenVPN Setup

1. Access the Administration area and then go to Commands and finally Startup.
2. Enter the following:
   
   echo username >> /tmp/password.txt
   echo password >> /tmp/password.txt
   /usr/bin/killall openvpn
   /usr/sbin/openvpn --config /tmp/openvpncl/openvpn.conf --route-up /tmp/openvpncl/route-up.sh --down-pre /tmp/openvpncl/route-down.sh --daemon
3. Access the VPN tab found under the Services section.
4. Enable the OpenVPN Client.
5. Set the Server IP/name to us-east.privateinternetaccess.com ^[*].
6. Set the Port to 1194.
7. Set the Tunnel Device to TUN.
8. Set the Tunnel Protocol to UDP.
9. Set the Encryption Cipher to Blowfish CBC (Default).
10. Set the Hash Algorithm to SHA1.
11. Set the nsCertType to unchecked.
12. Set the Advanced Options to Enabled.
13. Set Use LZO Compression to Enable.
14. Set NAT to Enable.
15. In the Additional Config enter the following:
    
    auth-user-pass /tmp/password.txt
    persist-key
    persist-tun
    tls-client
    remote-cert-tls server
16. Copy and paste the contents of ca.crt found in our OpenVPN Config Files, into the CA cert field.

Tomato: OpenVPN VPN Setup

1. Newest builds please follow the tutorial here Tomato Forum
2. Click Administration and then Scripts and enter the following in the init section:
   
   echo username >> /tmp/password.txt
   echo password >> /tmp/password.txt
   Some users have found that they needed to manually create the password file due to chmod permissions.
   
3. Click VPN Tunneling and then Client.
4. Choose Client 1 and then choose Basic.
5. Set Start with WAN to Enabled.
6. Set Interface Type to Tun.
7. Set Protocol to UDP.
8. Set the Server Address/Port to us-east.privateinternetaccess.com ^[*] and port to 1194.
9. Set the Firewall to Automatic.
10. Set Authorization Mode to TLS.
11. Set Extra HMAC authorization to Disabled.
12. Set Create NAT on tunnel to Enabled.
13. Click on the Advanced tab.
14. Set Poll Interval to 0.
15. Set Redirect Internet Traffic to Disabled.
16. Set Accept DNS configuration to Enabled.
17. Set Encryption cipher to (Use Default).
18. Set Compression to (Adaptive).
19. In the Custom Configuration, input the following:
    
    persist-key
    persist-tun
    tls-client
    auth-user-pass /tmp/password.txt
    comp-lzo
    verb 1
    reneg-sec 0
20. Click on the Keys tab and copy and paste the contents of ca.crt found in our OpenVPN Config Files, into the Certificate Authority.

PfSense: OpenVPN VPN Setup

1. Access the VPN tab at the top.
2. Select the Client tab within the OpenVPN settings.
3. Make sure Disable this client is not selected.
4. Set the Server Mode to Peer to Peer (SSL/TLS).
5. Set the Protocol to UDP.
6. Set the Device mode to tun.
7. Set the Interface to WAN.
8. Leave the Local Port blank.
9. Set the Server host or address to us-east.privateinternetaccess.com ^[*].
10. Set the Server port to 1194.
11. Leave all Proxy fields blank.
12. Set the Server host name resolution to Infinitely resolve server.
13. Set the Description to Private Internet Access.
14. Set the Peer Certificate Authority to OpenVPN.
15. Set the Client Certificate to webConfigurator default.
16. Set the Encryption algorithm to BF-CBC (128-bit).
17. Set the Hardware Crypto to No Hardware Crypto Acceleration.
18. Leave all the Tunnel Settings blank.
19. Add the following settings in the Advanced configuration:
    
    nobind
    auth-user-pass /etc/openvpn-password.txt
    comp-lzo
    ca /etc/ca.crt
20. Login to the pfSense router by shell.
21. Create a file called /etc/openvpn-password.txt with the following:
    
    username
    password
22. Copy the ca.crt file into your /etc/ folder. You can find this file in our OpenVPN Config Files

Mac OS X: OpenVPN Setup

1. Download Tunnelblick from Google Code
2. Download the OpenVPN Configuration files.
3. Extract ca.crt and configuration files from the zip.
4. Open the Tunnelblick DMG
5. Double click on the Tunnelblick Icon.
6. After installation has completed, launch Tunnelblick.
7. When you see a dialogue box with an option to Create and open configuration folder, choose this option.
8. Copy the files extracted in Step 3 to this folder.
9. Connect by right clicking the Tunnelblick icon in the menubar.
10. When you are prompted, enter your username and password.

Windows: OpenVPN Setup

1. Download OpenVPN Windows Installer from OpenVPN.Net Downloads
2. Run the installer and click Ok or Yes if any Security Warnings appear.
3. Continue and write down the installation folder path.
4. Download the OpenVPN Configuration files.
5. Extract the files from the zip and copy ca.crt and all of the configuration files to the config folder found in the installation path from Step 3 (Usually C:\Program Files\OpenVPN\config or C:\Program Files (x86)\OpenVPN\config).
6. Windows 7 and Vista users will need to right click on the OpenVPN shortcut on the desktop and choose Properties and enable Run this program as an administrator.
7. Connect by right clicking the OpenVPN System Tray Icon, navigating to the server and choosing connect.
8. When you are prompted, enter your username and password.

from https://www.privateinternetaccess.com/pages/client-support/#ubuntu_openvpn