Introduction

OpenVPN is a widely used open-source VPN solution that provides secure and encrypted connections over the internet. Setting up OpenVPN on an Ubuntu-based Linux server can help you create a private and secure network for remote access.

This guide will walk you through an automated installation process using a trusted script, making the setup quick and hassle-free. We’ll also cover security considerations, firewall settings, and managing OpenVPN after installation.

Step 1: Update Your System

Before installing OpenVPN, ensure your system is up-to-date by running the following command:

sudo apt update && sudo apt upgrade -y

This updates package lists and installs the latest security patches.

Step 2: Download the OpenVPN Installation Script

We’ll use a well-maintained script that automates most of the OpenVPN setup. Download the script with:

wget https://git.io/vpn -O openvpn-install.sh

This script is developed and maintained by Nyr on GitHub, a reputable source for OpenVPN setup automation.

Step 3: Make the Script Executable

Before running the script, you need to give it execution permission:

chmod +x openvpn-install.sh

This ensures the script can be run as a program.

Step 4: Run the Installation Script

Now, execute the script with:

sudo ./openvpn-install.sh

Step 5: Follow the Prompts

The script will guide you through the setup process with a series of prompts:

1. IP Address Detection

• The script will detect your server’s public IP.
• Press Enter to accept it or enter a different IP if needed.

2. Protocol Selection

• Choose between UDP (recommended) or TCP.
• Type 1 for UDP and press Enter.

3. Port Number

• Enter the OpenVPN port (default is 1194).
• Press Enter to accept the default or specify a custom port.

4. DNS Provider

• Select a DNS provider for VPN clients (e.g., Google, Cloudflare, OpenDNS).
• Enter the corresponding number and press Enter.

5. Client Name

• Enter a name for the first VPN client (e.g., client1).
• This generates a configuration file for the client.

6. Confirm Installation

• Press any key to start the installation.

Step 6: Installation Complete

Once the script completes:

• OpenVPN Server is fully installed and running.
• A client configuration file (e.g., client1.ovpn) is generated in your home directory.

Step 7: Transfer the Client Configuration File

To connect a client to your OpenVPN server, transfer the .ovpn file to the desired device securely:

Using SCP (Secure Copy Protocol):

scp ~/client1.ovpn your_username@client_ip:/path/to/destination

Using SFTP:

sftp your_username@client_ip
put ~/client1.ovpn

You can also use a USB drive or email to transfer the file securely.

Step 8: Connect to the VPN from a Client Device

1. Install OpenVPN Client

• Windows: Download and install the OpenVPN Client.
• macOS: Use Tunnelblick or OpenVPN Connect.
• Linux: Install OpenVPN using:

sudo apt install openvpn -y

2. Import the Configuration File

• Open the OpenVPN client application.
• Import the client1.ovpn file.

3. Connect to the VPN

• Use the OpenVPN client to connect using the imported profile.

Managing OpenVPN After Installation

If you need to manage OpenVPN, simply re-run the installation script:

sudo ./openvpn-install.sh

This allows you to:

• Add new VPN clients (generate additional .ovpn files).
• Revoke client access (disable a specific VPN user).
• Uninstall OpenVPN (remove OpenVPN from the server).

Security Considerations

1. Review the Installation Script

Before running any external script, it’s good practice to inspect it for security risks. Open the script with:

nano openvpn-install.sh

2. Keep Your System Updated

Regularly update your system to patch vulnerabilities:

sudo apt update && sudo apt upgrade -y

3. Configure Firewall Settings

Ensure the OpenVPN port (default: 1194) is open in your UFW firewall:

sudo ufw allow 1194/udp

If using iptables, allow VPN traffic:

iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables-save > /etc/iptables.rules

Additional Resources

• OpenVPN Installation Script Repository: GitHub – Nyr/openvpn-install
• OpenVPN Community Documentation: OpenVPN Wiki
• Ubuntu Firewall Guide: Ubuntu UFW Documentation

Conclusion

By following this guide, you have successfully installed OpenVPN on an Ubuntu server using an automated script. This method simplifies the setup process and allows you to quickly establish a secure VPN connection.

By maintaining regular security updates, properly managing firewall settings, and following best practices, you can ensure a safe and reliable VPN environment.

If you encounter any issues, consult the OpenVPN community documentation or seek assistance from experienced system administrators.