Figuring out how to set up an OpenVPN server on Ubuntu 22.04 is your gateway to internet freedom and online security. In this article, we will tackle everything there is you need to know about it—from setting up an OpenVPN server on Ubuntu to connecting the OpenVPN server using a VPN client.
VPN: The basics
A virtual private network (VPN) enables you to extend your private network across a public network via tunneling. It dramatically enhances the security of your network. A VPN allows you to access an untrusted network like you are a part of a private network.
A good example of this is when you are on university premises, and you want to connect and become part of the home network. There are chances of security breaches if you directly connect to it. And VPN can enable you to securely connect to the home network and become part of it.
Your communication is encrypted and private, which doesn’t allow an unauthenticated connection. Also, several tools can be used for virtual private networking.
How to Setup OpenVPN Server on Ubuntu 22.04
OpenVPN is an open-source tool, a fully featured SSL VPN. You can use it to access remote websites, create a secure connection, and enhance security via establishing a VPN connection. It implements OSI Layer 2/3 secure network extensions using SSL/TLS protocol.
All the communication is secure as VPN uses the tunneling mechanism internally to ensure authentication and privacy of the communication. And now, we will be discussing the basic steps to set up an OpenVPN server and connecting it through different clients.
- You should have Ubuntu installed on your system.
- The firewall should be enabled.
Remember, you will be connecting a VPN client through another Ubuntu system.
Update the system packages
As the first step, we will update the system packages using the following command:
$ sudo apt-get update && sudo apt-get upgrade
Installation of OpenVPN
The installation of OpenVPN is very simple and can be done via the following command:
$ sudo apt -y install openvpn
The above step will take a while until installation is complete.
Alternatively, you can get the setup of OpenVPN via running the following command:
After that, set the executable permissions of the script as follows:
chmod -v +x ubuntu-22.04-lts-vpn-server.sh
Now, install OpenVPN via the following command:
Generate a key for VPN tunneling and starting the VPN server.
Entering the following commands will generate a key for the tunnel:
$ openvpn --genkey --secretstatic-OpenVPN.key
$ sudo openvpn --dev tun --ifconfig 172.16.0.1 172.16.0.2 --cipher AES-256-CBC --secret static-OpenVPN.key &
In the above command, ‘&’ is used in the end to run the process in the background. Alternatively, you can use easy-RSA to generate a pair of public-private keys.
To verify that all the above steps are successfully executed, you need to run the following command:
$ ip a show tun0
Tip: There are two types of IP addresses: public and private. Public IP addresses are routed from the internet and can be accessed anywhere. While private IP addresses are local to your network.
You can now verify that UDP port 1194 is open, and run the following command:
$ netstat -anu | grep1194
To configure the firewall, use the following command:
$ sudo ufq allow from any to any port 1194 proto udp
You will see a message that the rules are updated.
And with that, OpenVPN’s server has been successfully set up and is ready to receive incoming connections. If you are using any other firewall, the steps for adding rules may differ.
Connecting from a remote client
Now, we will connect from a remote client to OpenVPN. The following steps will be performed:
Install OpenVPN via the following command:
sudo apt -y install openvpn
Alternatively, you can use the following command to install OpenVPN:
sudo yum install openvpn
Transfer the static key from the server to the client
Now, we will have to securely transfer the static key from the server to the client. We can use the SCP command similar to what you can see below:
scp [email protected]:/home/ubuntuser/static-OpenVPN.key
Establishing a VPN tunnel
Using the following command, we will be able to establish the VPN connection to the server:
In the above command, we have used the AES-256-CBC cipher, which is a very robust encryption algorithm. Alternatively, you can also use other algorithms such as Rivest, Shamir, and Addleman (RSA).
Checking if the connection is successful
Now that everything is set up successfully, you should see a message that will confirm if the connection was successfully made:
You can confirm further by pinging a host on a remote server using the following command:
ping -c 1 172.16.0.1
Tip: There are also clients for Apple iOS, Android, Apple MacOSX, and Windows—each of which can be used for connecting to the OpenVPN server.
And that’s all you need to know about installing OpenVPN on Ubuntu and using it to access the internet unfettered. We discussed how we can set up an OpenVPN server in Ubuntu the easy way and how we can install the server and configure the OpenVPN server.
We also talked about the steps to verify that the VPN connection is successful, along with how to use a VPN client to connect to the server.
If this guide helped you, please share it.