Updated on 2025-05-14 GMT+08:00

CentOS

Version Requirements

Table 1 lists the OpenSSL and OpenVPN client versions supported on each CentOS version.

Table 1 Version requirements

CentOS Version    OpenSSL Version    OpenVPN Version
7.9               1.1.1              2.4.12
8                 1.1.1              2.4.12
Stream 9          3.2.2              2.5 or later

Procedure

  1. Log in to the CentOS system as the root user and open the CLI.
  2. Run the following command to back up the existing EPEL repository configuration file:

    cp -a /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup

  3. Install the EPEL repository.

    • CentOS 7.9

      Run the following command to install the EPEL repository:

      yum install -y epel-release

      If the following information is displayed, the EPEL repository is successfully installed:

      Last metadata expiration check: 0:00:14 ago on Wed 05 Mar 2025 05:53:17 PM CST.
      ...
      ...
      ...
      Installed:
        epel-release-8-11.el8.noarch     
      
      Complete!
    • CentOS 8 or Stream 9
      1. Run the following command to configure the EPEL repository:

        vim /etc/yum.repos.d/epel.repo

      2. Enter the following content in the editor:
        [epel]
        name=epel
        baseurl=https://xxx.cn/epel/8/Everything/x86_64/
        gpgcheck=0
        gpgkey=https://xxx.cn/epel/RPM-GPG-KEY-EPEL-8
        • 8 indicates the CentOS version. Change it to the actual version number.
        • Replace https://xxx.cn/ with the actual source.
      3. Press Esc, enter :wq, and press Enter.

        The system saves the configuration and exits the editor.

  4. Run the following command to check the current OpenSSL version:

    openssl version

    The following information is displayed:

    OpenSSL 1.1.1k
    • If the OpenSSL version is 1.1.1k or later, go to step 5.
    • If the OpenSSL version is earlier than 1.1.1k, perform the following operations to install OpenSSL:
      1. Run the following command to install OpenSSL 1.1.1k:

        yum install -y openssl11 openssl11-devel

        If the following information is displayed, OpenSSL 1.1.1k is successfully installed:

        Loaded plugins: fastestmirror
        Loading mirror speeds from cached hostfile
        ...
        ...
        ...
        Is this ok [y/d/N]: y     # Enter y.
        ...
        ...
        ...
        Installed:
          openssl11.x86_64 1:1.1.1k-7.el7 
        
        Complete!
      2. Run the following command again to check the OpenSSL version:

        openssl11 version

        The following information is displayed:

        OpenSSL 1.1.1k  

  5. Run the following command to check the current OpenVPN version:

    openvpn --version

    The following information is displayed:

    OpenVPN 2.4.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Nov 10 2023
    library versions: OpenSSL 1.1.1k FIPS 25 Mar 2021, LZO 2.08               
    • If the OpenVPN version is displayed, go to step 6.
    • If no OpenVPN version is displayed, perform the following operations to install OpenVPN:
      Install OpenVPN. The installation command varies according to the CentOS version.
      • CentOS 7.9

        CentOS 7.9 supports only OpenVPN 2.4.12.

        1. On Windows, download the OpenVPN client installation package (openvpn-2.4.12-2.el8.rpm).
        2. Upload the downloaded .rpm installation package to a directory on CentOS using Xftp. In this example, the file is uploaded to the /opt/ directory.
        3. On CentOS, run the following command to go to the directory where the installation package is stored:

          cd /opt/

        4. Run the following command to install OpenVPN:

          yum install ./openvpn-2.4.12-2.el8.x86_64.rpm

          If information similar to the following is displayed, OpenVPN is successfully installed:
          Loaded plugins: fastestmirror
          Examining openvpn-2.4.12-2.el8.x86_64.rpm: openvpn-2.4.12-2.el8.x86_64
          Marking openvpn-2.4.12-2.el8.x86_64.rpm to be installed
          ...
          ...
          ...
          Is this ok [y/d/N]: y          # Enter y.
          ...
          ...
          ...
          Installed:
            openvpn.x86_64 0:2.4.12-2.el8         
          
          Complete!
        5. Run the following command again to check the OpenVPN version:

          openvpn --version

          Information similar to the following is displayed:
          OpenVPN 2.4.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Nov 10 2023
          library versions: OpenSSL 1.1.1k FIPS 25 Mar 2021, LZO 2.08
      • CentOS 8 or CentOS Stream 9
        1. On CentOS, run the following command to install OpenVPN:

          yum install openvpn

          If information similar to the following is displayed, OpenVPN is successfully installed:
          CentOS-8 - Base                                   28 kB/s | 3.9 kB     00:00
          ...
          ...
          ...
          Is this ok [y/N]: y               # Enter y.
          ...
          ...
          ...
          Installed:
            openvpn-2.4.12-2.el8.x86_64             pkcs11-helper-1.22-7.el8.x86_64
          
          Complete!
        2. Run the following command again to check the OpenVPN version:

          openvpn --version

          Information similar to the following is displayed:
          OpenVPN 2.4.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Nov 10 2023
          library versions: OpenSSL 1.1.1k FIPS 25 Mar 2021, LZO 2.08

  6. Download the client configuration file on a Windows system.

    1. Log in to the management console.
    2. Click in the upper left corner and select the desired region and project.
    3. Click in the upper left corner, and choose Networking > Virtual Private Network.
    4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
    5. Click the P2C VPN Gateways tab, and click Download Client Configuration in the Operation column of the target VPN gateway.

      The downloaded client configuration file is client_config.zip.

    6. Decompress client_config.zip to a specified directory, for example, D:\.

      After the decompression, the client_config.ovpn and client_config.conf files are generated.

    7. Open the client_config.conf file using Notepad or Notepad++.
    8. Add the client certificate and private key to the file.
      Enter the client certificate content and the corresponding private key between the <cert></cert> and <key></key> tags, respectively.
      <cert>
      -----BEGIN CERTIFICATE-----
      Client certificate content
      -----END CERTIFICATE-----
      </cert>
      
      <key>
      -----BEGIN PRIVATE KEY-----
      Client private key
      -----END PRIVATE KEY-----
      </key>
    9. (Optional) Comment out data-ciphers and disable-dco.

      Comment out data-ciphers only when OpenVPN 2.4.12 is used.

      Comment out disable-dco only when OpenVPN 2.5 or earlier is used.

      1. Press Ctrl+F to search for and locate data-ciphers and disable-dco.
      2. Enter # in front of the lines where data-ciphers and disable-dco are located to comment out the lines.
        ...
        ......
        # data-ciphers AES-XXX-GCM      # Comment out this line only on CentOS 7.9 and CentOS 8.
        ......
        ......
        # disable-dco                  # Comment out this line only on CentOS 7.9, CentOS 8, and CentOS Stream 9.
        ......
        ...
    10. Save the .conf configuration file.

  7. Upload the .conf configuration file to the CentOS system using Xftp. In this example, the file is uploaded to the /opt/ directory.
  8. On CentOS, run the following command to go to the directory where the client configuration file is stored:

    cd /opt/

  9. Run the following command to start the OpenVPN client and connect to the VPN gateway:

    openvpn --config /opt/openvpn_config_user-01.conf

    If information similar to the following is displayed, the OpenVPN connection is successfully established:

    Tue Feb 25 19:24:04 2025 OpenVPN 2.4.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Nov 10 2023
    ...
    ...
    ...
    Tue Feb 25 19:24:06 2025 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Tue Feb 25 19:24:06 2025 Initialization Sequence Completed               

  10. Run the following command to verify the connectivity:

    ping XX.XX.XX.XX

    XX.XX.XX.XX indicates the private IP address of the ECS to be connected. Replace it with the actual private IP address.

    If information similar to the following is displayed, the client can communicate with the ECS:

    64 bytes from XX.XX.XX.XX: icmp_seq=1 ttl=63 time=1.27 ms
    64 bytes from XX.XX.XX.XX: icmp_seq=2 ttl=63 time=1.36 ms
    64 bytes from XX.XX.XX.XX: icmp_seq=3 ttl=63 time=1.40 ms
    64 bytes from XX.XX.XX.XX: icmp_seq=4 ttl=63 time=1.29 ms
    64 bytes from XX.XX.XX.XX: icmp_seq=5 ttl=63 time=1.35 ms
    64 bytes from XX.XX.XX.XX: icmp_seq=6 ttl=63 time=1.52 ms
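
The [epel] section in step 3 sets gpgcheck=0, so yum installs packages from that mirror without verifying their signatures even though a gpgkey is configured. The following added example (not part of the original procedure) audits a .repo file for such sections; the function name audit_repo and the sample file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit a yum/dnf .repo file for
# sections that install packages without verifying their GPG signatures.

# audit_repo FILE: prints "<section>: <finding>" for every enabled section.
audit_repo() {
    awk '
        function report() {
            if (sec == "" || enabled == "0") return
            v = tolower(gpgcheck)
            if (v == "0" || v == "false" || v == "no")
                print sec ": gpgcheck is off, packages are installed unverified"
            else if (v == "")
                print sec ": gpgcheck not set, value is inherited from [main]"
            else if (gpgkey == "")
                print sec ": gpgcheck is on but no gpgkey is configured"
        }
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/ {
            report()
            sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            gpgcheck = ""; gpgkey = ""; enabled = "1"
            next
        }
        /=/ {
            key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key)
            val = $0; sub(/^[^=]*=/, "", val); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpgcheck = val
            if (key == "gpgkey")   gpgkey = val
            if (key == "enabled")  enabled = val
        }
        END { report() }
    ' "$1"
}

# Constructed sample: the [epel] section as written in step 3 (placeholder
# mirror https://xxx.cn/ kept as on the page), then the same with gpgcheck=1.
sample=$(mktemp)
printf '%s\n' '[epel]' 'name=epel' \
    'baseurl=https://xxx.cn/epel/8/Everything/x86_64/' \
    'gpgcheck=0' 'gpgkey=https://xxx.cn/epel/RPM-GPG-KEY-EPEL-8' > "$sample"
audit_repo "$sample"                       # reports the epel section
sed -i 's/^gpgcheck=0$/gpgcheck=1/' "$sample"
audit_repo "$sample"                       # prints nothing
```

With gpgcheck=1, the gpgkey URL in the section is the key yum imports and checks packages against, so it should point at a source you trust.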
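
An added pre-flight check for the client configuration file edited in step 6 (not part of the original procedure): it applies the data-ciphers and disable-dco rules by OpenVPN version and confirms that the <cert> and <key> blocks are filled in. The function names, the sample file and the owner-only file-mode check are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): pre-flight check of the client
# .conf from step 6 before it is passed to `openvpn --config`.

# version_lt A B: true when dotted version A is strictly lower than B.
version_lt() {
    [ "$1" != "$2" ] && [ "$(printf '%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}
# active NAME FILE: true when directive NAME is present and not commented out.
active() { grep -Eq "^[[:space:]]*$1([[:space:]]|\$)" "$2"; }
# has_pem TAG LABEL FILE: true when <TAG>..</TAG> contains a PEM BEGIN line.
has_pem() {
    sed -n "/^[[:space:]]*<$1>/,/^[[:space:]]*<\/$1>/p" "$3" |
        grep -q -e "-----BEGIN .*$2-----"
}

# check_client_conf FILE OPENVPN_VERSION: prints one finding per line.
check_client_conf() {
    conf=$1; ver=$2
    # data-ciphers exists from OpenVPN 2.5 on; the page names 2.4.12.
    if version_lt "$ver" 2.5 && active data-ciphers "$conf"; then
        echo "data-ciphers must be commented out for OpenVPN $ver"
    fi
    # Page rule: disable-dco is commented out on OpenVPN 2.5 or earlier.
    if version_lt "$ver" 2.6 && active disable-dco "$conf"; then
        echo "disable-dco must be commented out for OpenVPN $ver"
    fi
    has_pem cert CERTIFICATE "$conf" || echo "<cert> block has no certificate"
    has_pem key "PRIVATE KEY" "$conf" || echo "<key> block has no private key"
    # Assumption of this example: the file embeds a private key, so it
    # should be readable by its owner only (mode 600 or stricter).
    case "$(stat -c %a "$conf")" in
        *00) ;;
        *) echo "file is readable by group or others, run chmod 600" ;;
    esac
}

# Constructed sample: active directives, empty <cert>/<key>, mode 644.
demo=$(mktemp)
printf '%s\n' 'client' 'data-ciphers AES-XXX-GCM' 'disable-dco' \
    '<cert>' '</cert>' '<key>' '</key>' > "$demo"
chmod 644 "$demo"
check_client_conf "$demo" 2.4.12    # five findings
check_client_conf "$demo" 2.6.0     # three: cert, key, file mode
```

Run it on the CentOS host after the upload in step 7, passing the version reported by openvpn --version.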