====== OpenVPN install on Ubuntu 16 ======

The following tutorial covers the process in depth, so I recommend just following it: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04

The only extra items I did were:

  * Created rules on the Netgear router to port-forward 1194 (the default OpenVPN port) to comeragh
  * Changed the protocol from udp to tcp; this is in 2 or 3 places across the configs, nothing major
  * Generated client files named after the person using them rather than calling them client1
  * Added DNS to the config: sudo vi /etc/openvpn/server.conf and added two lines: push "dhcp-option DNS 10.91.100.71" and push "dhcp-option DNS 10.5.5.50". This forces the DNS servers so they do not have to be set on the client manually

I encountered one issue, however: the VPN would connect using Tunnelblick on Mac, but the public IP did not change. I followed the troubleshooting guide here: https://tunnelblick.net/cConnectedBut.html

The resolution was to edit the /etc/openvpn/server.conf file and uncomment this line: push "redirect-gateway def1 bypass-dhcp"

===== VPN Program for Mac =====

https://tunnelblick.net/downloads.html

===== Generating New VPN Certs =====

  * ssh to the VPN server
  * cd ~/openvpn-ca
  * source vars
  * ./build-key-pass firstname_lastname
  * # Give them a good password (PEM passphrase). You can just press enter for everything else except the email, which you change to their email. Do not set a challenge password, just press enter.
  * # When asked to sign, y and enter; when asked to commit, y and enter
  * # If an error appears, such as a db error, then the user already exists, so give them a different name like firstname_lastname_1 etc.
  * # If successful it should say: "Write out database with 1 new entries" followed by "Data Base Updated"
  * cd ~/client-configs
  * ./make_config.sh firstname_lastname
  * # The .ovpn file should be located in ~/client-configs/files

===== Revoking VPN Certs =====

  * cd ~/openvpn-ca
  * source vars
  * ./revoke-full their_user
  * sudo cp ~/openvpn-ca/keys/crl.pem /etc/openvpn
  * sudo systemctl restart openvpn@server

===== Revoking Google auth =====

  * cd /usr/local/openvpn_as/scripts
  * sudo ./confdba -u -m -k pvt_google_auth_secret_locked -v false -p username
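
The server.conf changes from the install notes (tcp, the two pushed DNS servers, the uncommented redirect-gateway line) and the CRL copied in during revocation can be checked with a small script. This is an added example, not part of the original notes or the tutorial; the function names and the sample config are constructed for illustration. The crl-verify check is an assumption: the notes only copy crl.pem into /etc/openvpn, and OpenVPN rejects revoked certificates only when server.conf has an active crl-verify directive.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): audit server.conf for the
# directives these notes rely on. Function names are hypothetical.

# Print active directives: comment lines (';' or '#') and blank lines removed,
# runs of whitespace collapsed to a single space.
active_directives() {
    sed -e 's/^[[:space:]]*//' -e '/^[;#]/d' -e '/^$/d' \
        -e 's/[[:space:]][[:space:]]*/ /g' -e 's/ $//' "$1"
}

# Print one MISSING line per absent directive; return 0 only if none are missing.
audit_server_conf() {
    local active missing=0 want
    active="$(active_directives "$1")" || return 2
    for want in \
        'push "redirect-gateway def1 bypass-dhcp"' \
        'push "dhcp-option DNS 10.91.100.71"' \
        'push "dhcp-option DNS 10.5.5.50"'
    do
        if ! printf '%s\n' "$active" | grep -qxF -- "$want"; then
            echo "MISSING: $want"; missing=$((missing + 1))
        fi
    done
    if ! printf '%s\n' "$active" | grep -q '^proto tcp'; then
        echo "MISSING: proto tcp"; missing=$((missing + 1))
    fi
    # Assumption: revocation is enforced through a crl-verify directive.
    if ! printf '%s\n' "$active" | grep -q '^crl-verify '; then
        echo "MISSING: crl-verify <path to crl.pem>"; missing=$((missing + 1))
    fi
    [ "$missing" -eq 0 ]
}

# Constructed sample: the redirect-gateway line is still commented out, the
# state in which the client connected but its public IP did not change.
write_sample_conf() {
    cat > "$1" <<'EOF'
port 1194
proto tcp
;push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.91.100.71"
push "dhcp-option DNS 10.5.5.50"
crl-verify crl.pem
EOF
}

# Usage: ./audit.sh /etc/openvpn/server.conf
if [ "$#" -gt 0 ]; then audit_server_conf "$1"; fi
```
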