Install OpenVPN Open Source in Linux CentOS/Ubuntu/Debian/Amazon Linux
In this tutorial we’ll learn how to install open source openvpn on linux server and run your own VPN server. This is OpenVPN script installer for Debian, Ubuntu, Fedora, CentOS and Arch Linux. This script will let you setup your own VPN server in just a few minutes.
OpenVPN provides flexible VPN solutions to secure your data communications, whether it’s for Internet privacy, remote access for employees, securing IoT, or for networking Cloud data centers. OpenVPN Server software solution can be deployed on-premises using standard servers or virtual server, or on the cloud server.
Why Use Our VPN?
- Uses the public Internet to create an economical, isolated, and secure private network
- Remote access to internal services increases mobile workforce productivity
- Reduces security risk by preventing unauthorized access to specific network resources
- Encryption ensures privacy on untrusted Wi-Fi and other public access networks
- Extends centralized unified threat management to remote networks
DOWNLOAD OpenVPN Connect client from here : CLICK HERE
Requirements : A vps server with ram 512 Mb will be enough, Virtualization type KVM/hyperv/vmware are recommended. Internet speed 100mbps or 1gbps.
So lets Get started :
Step 1 :
Download the openvpn install script :
mkdir /root/vpn cd /root/vpn curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh chmod 755 openvpn-install.sh
Step 2 :
Run the installer :
./openvpn-install.sh
Now follow the onscreen instructions, below i’ve tried to cover them most of it :
you’ll be ask to choose the server ip (if you’ve NAT server the ip can be different) press enter :
Welcome to the OpenVPN installer! The git repository is available at: https://github.com/angristan/openvpn-install I need to ask you a few questions before starting the setup. You can leave the default options and just press enter if you are ok with them. I need to know the IPv4 address of the network interface you want OpenVPN listening to. Unless your server is behind NAT, it should be your public IPv4 address. IP address: 123.224.555.222
Now it will asks for ipv6 if available hit enter by selecting y :
Checking for IPv6 connectivity... Your host appears to have IPv6 connectivity. Do you want to enable IPv6 support (NAT)? [y/n]: y
Then it will ask to choose port and prompted with 3 options, I’ll choose Random by typing 3 and it will output some random port remember that port we need it later:
What port do you want OpenVPN to listen to? 1) Default: 1194 2) Custom 3) Random [49152-65535] Port choice [1-3]: 3
Next it will prompt to select UDP or TCP protocol. I’ll recommended to use UDP by selecting 1 for faster speed :
What protocol do you want OpenVPN to use? UDP is faster. Unless it is not available, you shouldn't use TCP. 1) UDP 2) TCP Protocol [1-2]: 1
Next it will ask you to select the DNS provider for VPN connection communication, I’ll select 9 for google dns :
What DNS resolvers do you want to use with the VPN? 1) Current system resolvers (from /etc/resolv.conf) 2) Self-hosted DNS Resolver (Unbound) 3) Cloudflare (Anycast: worldwide) 4) Quad9 (Anycast: worldwide) 5) Quad9 uncensored (Anycast: worldwide) 6) FDN (France) 7) DNS.WATCH (Germany) 8) OpenDNS (Anycast: worldwide) 9) Google (Anycast: worldwide) 10) Yandex Basic (Russia) 11) AdGuard DNS (Anycast: worldwide) 12) NextDNS (Anycast: worldwide) 13) Custom DNS [1-12]: 9
Next it will ask for if you want to enable compression, its not needed hit enter by selecting n :
Do you want to use compression? It is not recommended since the VORACLE attack make use of it. Enable compression? [y/n]: n
Then it will ask to customize encryption, I’ll leave default settings and hit enter by selecting n :
Do you want to customize encryption settings? Unless you know what you're doing, you should stick with the default parameters provided by the script. Note that whatever you choose, all the choices presented in the script are safe. (Unlike OpenVPN's defaults) See https://github.com/angristan/openvpn-install#security-and-encryption to learn more. Customize encryption settings? [y/n]: n
At this point you’ve completed most of needed option now you’ll be prompted to proceed by clicking any key :
Okay, that was all I needed. We are ready to setup your OpenVPN server now. You will be able to generate a client at the end of the installation. Press any key to continue...
Now you can see instalaltion is started it will take a minute or two to complete, then the script will ask you to enter the openvpn username client, i’ll use mysterydata as client username:
Tell me a name for the client. The name must consist of alphanumeric character. It may also include an underscore or a dash. Client name: mysterydata
Next it will ask to add password or passwordless login, I’ll choose passwordless client by choosing 1 because auto-reconnect option work with it better :
Do you want to protect the configuration file with a password? (e.g. encrypt the private key with a password) 1) Add a passwordless client 2) Use a password for the client Select an option [1-2]: 1
thats it the script will now end and it will create client-username.ovpn in /root/vpn dir, you need to download the .ovpn file to your pc and use it to connect via openvpn client download openvpn connect client from above link. Install the client and import the .ovpn file in client and connect.
Step 3 :
Add the openvpn port to firewall, as i asked you above to remember the openvpn port, you need to add that port to firewall UDP or TCP whatever you chosen the protocol to open list in and out
Step 4 :
To remove openvpn, add new user or to make changes to current user you need to run this script again :
cd /root/vpn ./openvpn-install.sh
it will show below options :
Welcome to OpenVPN-install! The git repository is available at: https://github.com/angristan/openvpn-install It looks like OpenVPN is already installed. What do you want to do? 1) Add a new user 2) Revoke existing user 3) Remove OpenVPN 4) Exit