2 Easy Methods to Setup OpenVPN server on ubuntu in under 10 minutes

Generally setting up an OpenVPN server is a daunting task for non linux Users, which can easily take 40 minutes to an hour for a first time user.  However there are 2 extremely easy ways of setting it up in under 10 minutes.

Method 1 : By Installing OpenVPN Access Server ( AS)

This is the easiest method that can get you a fully working server up and running in under 5 minutes.  You have to just download the installation file and run it. All the basic configuration is out of the box.  All the advanced configuration ( if you need), user creation, profile download etc is done via a graphical user inteface in your webbrowser, and you never have to see the command line .



There is a limitation however to the free version, you only get 2 free concurrent users for testing. If 2 users is all you want, use OpenVPN AS as this is the easiest way to install the VPN server.

Step 1.1 : Download the package

Step 1.2 : Run the installation package

You should be able to double click on the downloaded package .  If you are running a headless server, or only have access to command line, then run the dpkg command to run the installation

dpkg -i openvpn-as-2.0.5-Ubuntu10.amd_64.deb

Substituting the openvpn-as-2.0.5-Ubuntu10.amd_64.deb for the name of the package file you have downloaded

Step 1.3 : Change Default Password

Now your OpenVPN AS has been installed for you already and a default admin user openvpn has been created. Change the password for this user by running

passwd openvpn

 

Step 1.4 : Access your OpenVPN GUI, and add a user.

Open your web browser and go to  https://openvpnasip:943/admin , replacing openvpnasip as your server ip.  Use the default user name ‘openvpn’ and the password that you had set in step 1.3
Add one more user by visiting the user section.  You can add as many users as you want, but only 2 users can be connected to the server at a time.

Step 1.5 : download the .ovpn profile

login to  https://openvpnasip:943/?src=connect
Login as the user you want to connect and download the .ovpn profile for this user.  Import this .ovpn profile in your OpenVPN client and connect with the respective username and password

Method 2 : By Using a containerization application

There is an excellent container by Kylemanna for docker that can be used to setup a full OpenVPN server.

Step 2.1 : Install docker if you don’t have it on your system

Though you can run sudo apt-get install docker-ce , it will mostly get you an old version.  To get the latest version, add the docker official repository and install from there.
Add Docker official GPG key
curl -fsSLhttps://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
set up the stable repository.
sudo add-apt-repository   "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Update the apt package index.
$ sudo apt-get update
Install docker

sudo apt-get install docker-ce

Test that docker has been installed by running
docker run hello-world

Step 2.2 :  Pull the image to your sytem

Copy the image to your system by running
sudo docker pull kylemanna/openvpn

Step 2.3 : Prepare your volume

You need to create a docker volume which will hold your configuration and certificates . Choose a name for the $OVPN_DATA volume.  Save the name to the variable $OVPN_DATA , so we can easily reference this variable.
OVPN_DATA="ovpn-data-example"
Create the Volume and initialize it. It will ask a passphrase, remember this since you will need it while creating your client certificate.
docker volume create --name $OVPN_DATA
docker volume create --name $OVPN_DATA
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn
ovpn_genconfig -u udp://VPN.SERVERNAME.COM
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki

Step 2.4 : Generate client certificate and download config

Generate the client certificate with
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full CLIENTNAME nopass
And dump a copy of the client configuration with
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
Import CLIENTNAME.ovpn to your openvpn client and connect. Since we created the certificate with no pass option, you can connect without password.

Leave a Comment

Your email address will not be published. Required fields are marked *