The source article can be found here

First, the server:

Install the Centos openvpn rpm from the EPEL Repo: yum install openvpn.

N.B: The default config files for the Centos openvpn rpm are in /etc/openvpn, so the fiile locations in the config file are relative to that 'home' dir.

The server config looks something like this:

Note: If you use the openvpn-auth-pam.so plugin, you will need to have the pam-devel package installed on your system as well (or OpenVPN will bail on startup).

The Certificate and Keyfiles are generated on the server, and copied to the client via a secure channel (i.e.: Over the LAN, via USB Thumbdrive, etc.. N.B: EMAIL IS NOT SECURE (unless encrypted))

The ca.crt file will be copied to the Client PC from the server via secure channel.
The system.key and system.crt are generated on the server for each individual system that will be connecting to OpenVPN.

To generate a keypair for a client system:

Edit the vars file and populate it with your information. Read the README in this directory for how to set up your server and Certificate Authority!

Next, the client PC:
My Client config looks like this (save this on the server in the keys directory as a backup):

On the client PC:

As an Administrator, do the following:

Download the current stable version of the OpenVPN gui from http://openvpn.se and install it. You'll need to make a couple post install modifications:

During the install, check "Hide the TAP-Win32 Virtual Ethernet Adapter" box. Leave the rest as their defaults.

Make a new directory: C:\Program Files\OpenVPN\keys

Copy your key and crt files to C:\Program Files\OpenVPN\keys\

(Copy 4 files to the client PC: ca.crt, client.crt, client.key and client.ovpn.)

N.B:

• The front slashes in the windows config file ARE correct (otherwise you have to escape the backslashes). 
• 'resolve-retry infinite'  doen't seem to be valid in the Centos 5.x openvpn package.

Running OpenVPN GUI as a non-admin user on the Windows PC

You'll have to give the selected user access to start/stop the OpenVPN service:
Download subinacl (a component of the XP Resource Kit) from the Microsoft Website.
Open up a Command Prompt and run the following commands:

You'll need to change the following registry keys on the client PC:

And that's it... at this point, you should be able to log out and log back in (you'll need to do that *EVERY TIME* you make a change to the OpenVPN-GUI registry keys!), right click the OpenVPN icon in the systray, enter your username and password, and get a connection.

Run OpenVPN-GUI as a NON-Admin user via the Windows XP RUNAS command

You can save the credentials for a runas shortcut thusly (and thanks to the OpenVPN site administrator for clueing me in on this...):
First: toss out the registry entries to start OpenVPN-GUI on bootup: delete HKLM\Software\Microsoft\Windows\Current Version\Run\openvpn-gui.
Next, create a regular shortcut on the desktop to OpenVPN-gui (I usually right-click and drag the binary (C:\Program Files\OpenVPN\bin\openvpn-gui) to the desktop and select "Create a shortcut here...").
Right click the new shortcut and select Properties
In the "Target:" dialog, enter the following before the path to OpenVPN-gui:
C:\windows\system32\runas.exe /savecred /user:"LOCAL ADMIN USERNAME"
Save your shortcut and double-click on it, and you will be presented with a DOS dialog box asking for the password to the account you specified. Enter the password, and the service will start, running under the privileges of the user you specified. NOTE: By saving the credentials this way, a user can run ANY COMMAND ON THE SYSTEM AS AN ADMINISTRATOR, simply by changing the last part of the shortcut!!!

This method is also ONLY AVAILABLE on Windows XP PRO... the /savecred option is silently ignored when using XP Home or any variant of it (i.e. Media Center etc.).