In this article, We are going to perform How to Install OpenVPN on Ubuntu 18.04 LTS or any other cloud platform like Amazon EC2, Azure VM, Google Cloud Compute,etc. with preinstalled Ubuntu OS.
OpenVPN is free and open-source, Virtual Private Network (VPN) encryption protocol. It is used to secure tunnel between two points in a network.
- Ubuntu Server 16.04/18.04 LTS
- SSH access with sudo privileges
- Open Firewall Ports 1194
update the system packages
$ sudo apt-get update
Step 1: Install Git
Install git using below command
$ sudo apt-get install git
Step 2: Install OpenVPN on Ubuntu
Clone the below git repo
$ sudo git clone https://github.com/Nyr/openvpn-install.git
Cloning into 'openvpn-install'... remote: Enumerating objects: 392, done. remote: Total 392 (delta 0), reused 0 (delta 0), pack-reused 392 Receiving objects: 100% (392/392), 115.17 KiB | 14.40 MiB/s, done. Resolving deltas: 100% (197/197), done.
Navigate to openvpn-install folder
$ cd openvpn-install/
List the folder contents
LICENSE.txt README.md openvpn-install.sh
Make it executable openvpn-install.sh script
$ sudo chmod +x openvpn-install.sh
Run the openvpn-install.sh script
$ sudo ./openvpn-install.sh
You will be prompted to select IP, protocol,port and certificate name.
Welcome to this OpenVPN road warrior installer! I need to ask you a few questions before starting setup. You can use the default options and just press enter if you are ok with them. This server is behind NAT. What is the public IPv4 address or hostname? Public IPv4 address / hostname [192.168.100.55]: 192.168.100.55 Which protocol do you want for OpenVPN connections? 1) UDP (recommended) 2) TCP Protocol : 1 What port do you want OpenVPN listening to? Port : 1194 Which DNS do you want to use with the VPN? 1) Current system resolvers 2) 220.127.116.11 3) Google 4) OpenDNS 5) Verisign DNS : 1 Finally, tell me a name for the client certificate. Client name [client]: client Okay, that was all I needed. We are ready to set up your OpenVPN server now. Press any key to continue... Press Enter
Press Enter after entering all answers, at the end you will get Finished message.
Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'client' Certificate is to be certified until Nov 15 11:00:15 2029 GMT (3650 days) Write out database with 1 new entries Data Base Updated Using SSL: openssl OpenSSL 1.1.1 11 Sep 2018 Using configuration from ./safessl-easyrsa.cnf Can't load /etc/openvpn/server/easy-rsa/pki/.rnd into RNG 139692549542336:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/etc/openvpn/server/easy-rsa/pki/.rnd An updated CRL has been created. CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service. Created symlink /etc/systemd/system/multi-user.target.wants/[email protected] → /lib/systemd/system/[email protected] Finished! Your client configuration is available at: /home/fosstechnix/client.ovpn If you want to add more clients, just run this script again!
To check OpenVPN configuration, Go to below path, looks like as shown below
$ cat /etc/openvpn/server/server.conf
local 10.0.31.5 port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh.pem auth SHA512 tls-crypt tc.key topology subnet server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 18.104.22.168" keepalive 10 120 cipher AES-256-CBC user nobody group nogroup persist-key persist-tun status openvpn-status.log verb 3 crl-verify crl.pem explicit-exit-notify
Step 3: Creating User Profile in OpenVPN
OpenVPN is ready for use, to create user profile navigate the openvpn-install folder and run the openvpn-install.sh script which we have used to install openvpn.
$ sudo ./openvpn-install.sh
You will prompted below options.
Looks like OpenVPN is already installed. What do you want to do? 1) Add a new user 2) Revoke an existing user 3) Remove OpenVPN 4) Exit Select an option: 1 Tell me a name for the client certificate. Client name: FOSS.Technix Using SSL: openssl OpenSSL 1.1.1 11 Sep 2018 Generating a RSA private key .......................+++++ .......................+++++ writing new private key to '/etc/openvpn/server/easy-rsa/pki/private/FOSS_TechNix.key.J2Auf22bKO' ----- Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'FOSS_Technix' Certificate is to be certified until Nov 15 11:14:08 2029 GMT (3650 days) Write out database with 1 new entries Data Base Updated Client FOSS_TechNix added, configuration is available at: /home/fosstechnix/FOSS_Technix.ovpn
Succefully,We have preformed install OpenVPN on Ubuntu.
Copy the FOSS_Technix.ovpn file from users home directory and add into OpenVPN client profile and then connect to OpenVPN server.
Install OpenVPN client on Windows
Right click on OpenVPN GUI icon and import your File and select your file and click on connect
In this article, We have covered Install OpenVPN on Ubuntu, configure OpenVPN , Creating user profile.