VPN stands for Virtual Private Network. An open-source VPN software is OpenVPN and can run as a Linux VPN server. Simply, a VPN secures connections by creating a point-to-point secure connection. Using a good VPN for Linux is one of the best ways to stay secure on the Internet or an open network. In this article, we will show you how to set up your own Linux VPN server using OpenVPN. Turn your VPS into a great security measure!
Why You Should Use a Linux VPN Server
VPN has many benefits. Some of them are:
- Security – VPN provides better and stronger protection than all data is encrypted. It is safer than firewalls.
- Remote Access – Many institutions, government and defense offices allow remote access only through VPN to ensure high security.
- ISP encryption – ISP stands for Internet Service Provider. If you use a public Wi-Fi connection, your ISP can read all your unencrypted data. You can keep your data secure by not allowing your ISP to read your data using VPN.
- Anonymous – VPNs allow users to maintain anonymity while browsing the Internet. IP addresses cannot be detected.
- IP Change – VPN allows users to change IP addresses and navigate safely. This is sometimes used in areas with location-based restrictions
- Access to banned sites – certain websites are banned in several geographic areas. Used to circumvent Internet censorship and visit banned websites because a VPN provides anonymity
- Throttling – some ISPs narrow user traffic by content. Such constrictions can be overcome by using a VPN.
VPN also uses encryption to make your purchases more secure.
Now that we’ve told you about the benefits of the Linux VPN server, we’ll show you how to install OpenVPN on Linux. We will show you how to set up the Linux VPN server and how to connect it to Windows, Android, and other devices. And if you want to learn more about the OpenVPN protocol, we recommend you to read this OpenVPN review.
- You must have root access or sudo permissions
- OpenVPN should not be pre-installed
- The firewall must allow TCP traffic over port 943 and UDP traffic over port 1194. We recommend using UFW.
Installing a Linux VPN Server with OpenVPN Access Server
First, you need to update the system. For CentOS, use this command:
yum -y update
Update the indexes for Ubuntu and Debian using this command:
sudo apt update
To install OpenVPN, you will need a net-tools package. If it is not already installed, install it. The Net-tools package contains the ifcfg required for the OpenVPN server installation.
You can install it for CentOS with this command:
sudo yum install net-tools
For Ubuntu and Debian, use the following command:
sudo apt install net-tools
You can download an OpenVPN client for your version from the OpenVPN website. You can find the link here and use it with the curl command. An example curl command line for Ubuntu is as follows:
curl -O http://swupdate.openvpn.org/as/openvpn-as-2.5.2-Debian9.amd_64.deb
For CentOS, the curl command would be:
curl -O http://swupdate.openvpn.org/as/openvpn-as-2.7.3-CentOS7.x86_64.rpm
Here you can add the URL to your version. Press the SHA256 checksum to check for correct installation. You can use the following command:
sha256sum openvpn-as- *
The following command will suppress the checksum:
To install on CentOS:
sudo rpm --install openvpn-as - *. rpm
Similarly, in Ubuntu and Debian, you can use the following command at the command line:
sudo dpkg -i openvpn-as - *. deb
This will take a while to load. After the installation is complete, you will see the administrator and client user interface information. By default, an OpenVPN user will be created during installation. Here’s how you can set the password for this user:
This will allow you to set a new password. Remember to use this password to log in. Use the admin URL to log in and finish the setup process. In our case, the admin URL will be
https://126.96.36.199:943/admin. Normally, this URL is simply your VPS address. Finally: 943 port followed by the / admin extension, just like in the example.
After you set and enter your URL, you’ll see the following screen:
As mentioned before, the username is OpenVPN and the password is the password you just set. After logging in, you’ll be able to see a Terms and Conditions page. After reading, you can proceed by pressing Accept. The next page will give you the configuration settings and the status of the server.
The settings provided are good enough and can allow macOS, Linux, Android, and iOS-based devices to connect to the Linux VPN server. If you want to change any settings, click Apply and Update Running Server to activate the changes.
This completes the default installation. Next is the OpenVPN tunnel.
Installing a Linux VPS Server with OpenVPN for Tunneling
Enable IP routing on your kernel using the following command:
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-sysctl.conf
This enables traffic routing over IPv4. To apply these changes, use the following command:
sudo sysctl -p
OpenVPN does not support concurrent tunnels over IPv6 and IPv4, so you can disable IPv6 using these commands:
sudo sysctl -w net.ipv6.conf.all.disable_ipv6 = 1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6 = 1
To manually disable IPv6, add the following parameters to the boot. These parameters /etc/sysctl.d/ at position 99 -sysctl .conf you must add the file. Simply use the cd command to access the folder, and you can use any text editor to edit the file. Don’t forget to save your changes!
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
You can now activate the new settings using this command:
Add the following IPv6 solution line to the hosts’ file at / etc / :
# :: 1 localhost ip6-localhost ip6-loopback
However, you have disabled IPv6. Now log in to the Admin server URL and go to the VPN settings.
On the Routing tab, should VPN clients have access to private subnets (non-public networks on the server-side)? the option should be set to No :
Should client Internet traffic be routed through the VPN? should be set to Yes.
Change the DNS resolver settings to prevent any DNS leakage. Set the Access Server host setting to Yes
Save to these settings and be sure to click Update Running Server. You can restart the OpenVPN server using the Status tab from the administrator console. From here you can stop the server from running and then restart it.
So you have set up your OpenVPN server. Now we can proceed to client installations.
How to Connect to a Linux VPN Server with OpenVPN
Now that your server is running smoothly, you can connect to your server with some devices! Here’s how to do it with the most popular operating systems:
How to Install and Connect the OpenVPN Client for Windows
After opening the OpenVPN client URL, you will see download links for different operating systems.
Select the Windows version and install it.
When the installation is complete, you will be prompted to enter your OpenVPN username and password. The server IP will be entered automatically.
You can use the OpenVPN icon from your Windows taskbar to disconnect, reconnect, and view connection status.
How to Install and Connect the OpenVPN Client for macOS
Connect to the OpenVPN client UI and click the download link for macOS. After this package is downloaded, a window with the installation package icon will open.
Follow the standard procedure of MacOS application installation.
Double-click the installation icon and double-click Open to start the installation.
After the installation is complete, you will see the OpenVPN icon on your macOS taskbar. You can right-click this icon to see different options. Here you can connect to OpenVPN.
After clicking Connect, you will see a window asking for your OpenVPN username and password. Enter your details here and click Connect to establish the Linux VPN server connection.
How to Install and Connect OpenVPN Client for Linux
The installation process for Linux is slightly different. To download and install OpenVPN client software on CentOS, use the following word:
sudo yum install OpenVPN
Similarly, you can install the OpenVPN client software in Debian or Ubuntu using the following command:
sudo apt-get install openvpn
Open the OpenVPN client user interface and download the appropriate profile for your operating system. Alternatively, you can use the wget or curl command and enter the URL to download the software.
Copy the downloaded profile to / etc / OpenVPN and rename it to client.conf. You can start the OpenVPN tunnel service where you will be asked for your username and password. You can start the service using this command:
sudo service openvpn start
You can use the ipconfig or IP addr commands to view network connections. Once the VPN interface is accessible, you will see that there is a tun0 interface added to the current list in the output.
How to Install and Connect OpenVPN Client for Linux
First, go to the Google Play store and find and install OpenVPN Connect.
After opening the application you will see three options – Custom Tunnel, Access Server and OVPN Profile.
Select Connect to Server and enter all the information manually:
- Title – set your preferred name for the link
- Access Server Machine Name – IP address of your Linux VPN server
- Port – 934 port of your Linux VPN server
- User Name – specific user name on your server – OpenVPN by default
- Password – the password you specify in the console when setting up your Linux VPN Server in a terminal environment
Alternatively, you can import the .ovpn file for your profile. You can obtain a connection profile from the client user interface.
How to Install and Connect an OpenVPN Client for iOS
Just like Android devices, you can download OpenVPN software from the App Store.
Complete the installation and open the application. It will ask you to enter profile information or upload the profile file, such as the Android version.
After that, you can start using OpenVPN on your iPhone or iPad.
Linux VPN Server Compression Settings
If you are connected to a VPN and cannot browse the Internet, you can open OpenVPN records by opening the file /var/log/openvpnas.log on your VPS. If you see entries similar to the example shown below, you’re probably experiencing compression issues:
2019-03-23 18: 24: 05 + 0800 [-] OVPN 11 OUT: 'Mon Mar 23 08:59:05 2016 guest / 188.8.131.52: 55385 Bad compression stub decompression header byte: 251'
To resolve this, you can disable compression. You can do this from the admin interface. Open the Admin interface and click Advanced VPN.
Go to Default Compression Settings. Client support VPN connections compression option disabled to leave.
Apply the changes and click Update Running Server. The problem must be solved.
Adding Users to a Linux VPN Server Running OpenVPN
The free OpenVPN client supports two users. To create more users, you must choose one of the paid plans. You can add additional users from the Admin interface. Go to the User Management tab and click the User Permissions link.
Enter the new username as shown below:
Configure additional settings for this new user by clicking the More Settings link. Here you can enter the user password and other information.
In this article, you’ve learned how to set up a Linux VPN server using OpenVPN and how to connect your server using a variety of clients, such as Windows, Linux, Android, iPhone, or iPad and macOS.
Now that you have all the basics, you can surf the Internet safely with your brand new Linux VPN server. For more information, see the official manual of OpenVPN, which can be found in the admin interface. This is the end of our guide for the first time when you install server-client OpenVPN. Safe navigation with OpenVPN! Don’t forget to share your thoughts and comments with us in the comments section below!