OpenVPN setup...finally!
EPKPhoto — 10 July 2007 - 9:41pm
With openvpn already installed via yum:
su -
cp -a /usr/share/openvpn/easy-rsa /etc/openvpn/
cd /etc/openvpn/easy-rsa/2.0
vim vars
Edit the following:
export KEY_COUNTRY="US"
export KEY_PROVINCE="VA"
export KEY_CITY="Chesapeake"
export KEY_ORG="KerbyServer"
export KEY_EMAIL="admin@kerbyserver.net"
Save the file, then run these commands:
./vars
source vars
./clean-all
./build-ca
./build-key-server server
Go with all the default entries.
./build-key kerbspb
Again, go with the defaults.
./build-dh
Copy the ca.crt, kerbspb.crt, and kerbspb.key files in the keys directory to kerbspb (over a secure channel). I put them in the /Users/Eric/Library/openvpn/ directory.
Set up the server config file. See the attached file, server.conf.txt.
Firewall configuration: I opened up UDP port 1194 for the VPN server. I set iptables to allow all connections coming in on the tun+ interface. I already had the firewall set to masquerade on eth0, and all forwarded packets default to being accepted (since this computer is my local network's router and gateway), so I did not have to change anything to let the VPN client use the VPN server as its Internet gateway.
Start openvpn on the server: /etc/init.d/openvpn start. If SELinux is enabled and enforcing, it will cause issues with the server trying to read various files in the /etc/openvpn directory. I set my policy to permissive for the time being until I can figure out how to allow reading those files.
On kerbspb, I had the latest version of Tunnelblick installed, v3.0 beta 4 (a Mac OS X OpenVPN client). I clicked the Edit Configuration button, and entered the configuration for my client. See the attached file, kerbspb.conf.txt.
I also checked the "Set Nameserver (Experimental)" box so I could query my home network's DNS server. Once all that was set, I clicked connect and enjoyed the wonders of VPN!
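The step that copies ca.crt, kerbspb.crt, and kerbspb.key to the client puts a private key on another machine, so it is worth checking what actually landed there. The following is an added example, not part of the original post: a POSIX shell function (the name audit_client_bundle and its output labels are made up here) that checks the client directory for the three expected files, for a stray ca.key, and for private keys that group or other can access.

```shell
#!/bin/sh
# Added example (not from the original post). Audits the directory that holds
# an OpenVPN client's ca.crt, NAME.crt and NAME.key after they were copied over.
# audit_client_bundle is a hypothetical helper name.
# Usage: audit_client_bundle DIR NAME   e.g. /Users/Eric/Library/openvpn kerbspb
# Prints one finding per line; the return status is the number of findings.
audit_client_bundle() {
    dir=$1
    name=$2
    findings=0

    # The client needs exactly these three files from the server's keys directory.
    for f in ca.crt "$name.crt" "$name.key"; do
        if [ ! -f "$dir/$f" ]; then
            echo "MISSING $dir/$f"
            findings=$((findings + 1))
        fi
    done

    # ca.key signs new certificates, so it must never leave the CA machine.
    if [ -e "$dir/ca.key" ]; then
        echo "CA-KEY $dir/ca.key does not belong on a client"
        findings=$((findings + 1))
    fi

    # A private key with any group/other permission bit set is exposed to other
    # local accounts. POSIX find: "-perm -NNN" is true when all those bits are set.
    for k in "$dir"/*.key; do
        [ -f "$k" ] || continue
        hit=$(find "$k" \( -perm -040 -o -perm -020 -o -perm -010 \
                           -o -perm -004 -o -perm -002 -o -perm -001 \) -print)
        if [ -n "$hit" ]; then
            echo "EXPOSED $k (fix with: chmod 600)"
            findings=$((findings + 1))
        fi
    done

    return "$findings"
}

# Run the audit only when a directory and client name are given on the command line.
if [ "$#" -ge 2 ]; then
    audit_client_bundle "$1" "$2"
fi
```

A return status of 0 means the directory holds only what the client needs and the key is private to its owner.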