Ubuntu 22.04 LTS Set Up OpenVPN Server In 5 Minutes
In this guide, we will provide a step-by-step instruction on how to set up an OpenVPN server on Ubuntu 22.04 LTS in just five minutes.
OpenVPN is a popular open-source software application that implements virtual private network (VPN) techniques to create secure point-to-point connections in routed or bridged configurations. It uses a custom security protocol that utilizes SSL/TLS for key exchange.
One of the main benefits of using an OpenVPN server is the ability to securely access a private network from a remote location. This can be particularly useful for remote employees who need to access resources on the company’s internal network, or for individuals who want to securely access their home network while on the go.
Setting up an OpenVPN server is relatively straightforward on Ubuntu 22.04 LTS. The process can be broken down into a few key steps:
Steps To Setup OpenVPN On Ubuntu 22.04 LTS
The following steps will guide you through the process of setting up OpenVPN on Ubuntu 22.04 LTS in five minutes:
To set up an OpenVPN server on Ubuntu 22.04 LTS, you can follow these steps:
- First, install the OpenVPN package by running the command:
sudo apt install openvpn
- Next, create a directory to hold the server configuration files:
sudo mkdir /etc/openvpn/server
- Generate the necessary encryption files using the easy-rsa script:
sudo apt install easy-rsa
make-cadir /etc/openvpn/server/easy-rsa
- Change the directory to easy-rsa:
cd /etc/openvpn/server/easy-rsa
- Build the PKI (public key infrastructure):
source vars
./clean-all
./build-ca
./build-dh
./build-key-server server
./build-key client1
(replace ‘client1’ with your desired client name) - generate the client certificate
./build-key-pass client1
- Create the server configuration file:
sudo nano /etc/openvpn/server.conf
- Paste the following contents in the file, replacing with your desired settings:
port 1194
proto udp
dev tun
ca /etc/openvpn/server/easy-rsa/keys/ca.crt
cert /etc/openvpn/server/easy-rsa/keys/server.crt
key /etc/openvpn/server/easy-rsa/keys/server.key
dh /etc/openvpn/server/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push “redirect-gateway def1 bypass-dhcp”
push “dhcp-option DNS 8.8.8.8”
push “dhcp-option DNS 8.8.4.4”
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3 - Create a directory for the log files and start the OpenVPN server:
sudo mkdir /var/log/openvpn
sudo systemctl start [email protected]
- Check the status of the server to ensure it is running:
sudo systemctl status [email protected]
- Enable the OpenVPN service to start automatically upon system boot:
sudo systemctl enable [email protected]
- Create client config file
sudo nano /etc/openvpn/client1.ovpn
- paste the following contents in the file
client
dev tun
proto udp
remote [your server IP or domain name] 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA256
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
Conclusion
After completing these steps, your OpenVPN server should be fully set up and ready to use. Clients can connect to the server using the OpenVPN client software and the client configuration file that you created earlier.
It is important to note that while setting up OpenVPN provides a secure connection, it is not a replacement for a firewall. It is always recommended to use a firewall to protect your network and to limit the exposure of the VPN server to the Internet.
Overall, OpenVPN is a powerful and flexible tool that can be used to create secure and reliable VPN connections. Whether you are looking to provide remote access for your employees or to secure your own personal network, OpenVPN is definitely worth considering as a solution.