How do I set up a VPN (openVPN) on my VDS?

Post Reply
User avatar
hiimcody1
Staff
Staff
Posts: 1593
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Wed Dec 28, 2011 4:59 pm

How do I set up a VPN (openVPN) on my VDS?

Post by hiimcody1 »

Setting up a VPN on your VDS can be a challenging task. Fortunately a 3rd-party script exists for Debian-based installs [this includes Ubuntu] which can take care of setting this up for you.
  1. Log in to your VDS using SSH using software such as PuTTY. The login information is listed on the "Server control" page in your NFOservers control panel.
  2. Use the script. The script has a GitHub page. Use these commands to download it, make it executable, and run it:

    Code: Select all

    cd;
    wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
    
  3. The script will ask you a series of questions and walk you through setting up your VDS as a VPN server. Using the default answers for these should work on most basic configs. You may need to specify the desired IP if you are using more than one on your VDS.
  4. The script generates a file named something similar to client.ovpn. That file contains all the necessary config files and certificates for connecting to your VPN. Download it and set your VPN client to use these.

    Specifically, on Windows, you can set up your client by:
    1. Downloading and installing the OpenVPN software (you only need the client component of this).
    2. Downloading the config file to your desktop through a software such as WinSCP.
    3. Right-clicking the .ovpn file and selecting "Start OpenVPN on this config file" to connect to your new VPN.
  5. Open your preferred browser navigate to a site such as http://whatsmyip.org/. It should show that your IP now matches that of your VDS.
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: How do I set up a VPN on my VDS?

Post by Edge100x »

Another way to go is to use the OpenVPN Access Server. This is a special OpenVPN package that comes with a UI and easy pre-configured client downloads. The main limitation of OpenVPN AS is that it requires the purchase of licenses if more than two users need to connect at once -- so, we recommend it mostly for personal VPNs.

To get up and running with OpenVPN AS:
  1. Visit https://openvpn.net/index.php/access-se ... as-sw.html
  2. Select the OS that you have installed on your service (we recommend defaulting to Debian, if you haven't chosen already).
  3. On the next page, right-click on the OS version that you installed and choose "Copy link location" or the equivalent in your browser.
  4. Open an SSH window to your service using PuTTY. Login using username "root" and the password given in your control panel.
  5. Type "wget " and then right-click in the window to paste in the link that you copied. It should now download the file.
  6. Use your package manager to install the package that it downloaded. For instance, in Debian, type "dpkg -i openvpn" and then press the tab key to complete the rest of the filename, before pressing enter.
  7. It will show you some brief notes, including the URLs to web UIs. Save these to a text document somewhere so that you'll always have them (you can copy to the clipboard by highlighting the lines in PuTTY).
  8. Set a password for your new openvpn user using the passwd openvpn command. Linux will ask you twice what to use. Make sure to use a good-quality password to prevent others from using your VPN!
  9. Visit the "Client UI" link that the package gave you when you installed it. Your browser should warn you that the certificate has a problem. Tell it to add an exception for this site. (Your browser is just warning you that the certificate is self-signed, but it's OK for it to be self-signed.)
  10. The page will show a "click here to continue" link which allows you to download the client through your browser. Download this and install it.
  11. After the install finishes, run the "OpenVPN Connect" application. It will ask you if you want to connect to the server and ask you for your username and password. The username is "openvpn" and the password is the one you chose previously.
  12. The connection should succeed. You can then visit a site like https://www.google.com/#q=what+is+my+ip to check your public IP address. It should show the IP address of the VDS and not your real client IP address. (Note that any connections that you already have open will continue to use your old address, however.)
OpenVPN Connect also has a client available for Android and IOS that you can find through the store for each device.

OpenVPN Connect has an admin interface that it links you to, where you can change a variety of advanced settings.
Post Reply