Browsing across untrusted networks can risk critical data like your wireless logins and transactions. OpenVPN is among the software that assures you of safety and security when browsing across untrusted networks.
In this post, we give you a step-by-step guide on how to install an OpenVPN on your Ubuntu 18.04 server. The guide was written by hosting experts and developers to make your work easier when installing your virtual private network.
How to Install OpenVPN on Your Ubuntu Server
To install OpenVPN on your Ubuntu server, run the command <sudo apt update> to update your server’s package indexes. Next, run <sudo apt-get install openvpn> command to download the OpenVPN package. When the download is finished, run the command <tar -xzvf openvpn-2.3.2.tar.gz> to extract the files from the archive.
When the installation is complete, generate the configuration files by running the command:
<sudo OpenVPN —genkey —secret keys/ta.key>.
You can now configure and start using OpenVPN to create a secure connection between two or more computers.
Key Takeaways
Here are the key takeaways from this guide:
- An OpenVPN is essential if you want to browse safely and securely across untrusted networks like hotel WiFi.
- To install the latest version of OpenVPN, you need to update your Ubuntu server package indexes.
- After installing, you can connect to your OpenVPN server remotely through either the OpenVPN client or a web browser.
- You need to generate a static key before you start transferring files between the OpenVPN server and your computer.
- You can optimize your server configurations using a strong cipher suite, a script, and compression for maximum security and functionality.
What is an OpenVPN?
OpenVPN is a VPN (Virtual Private Network) software that enables you to create secure connections over untrusted networks. This is useful for website owners who want to ensure their visitors’ data is protected while browsing.
A VPN encrypts your internet traffic and routes it through a remote server, making it difficult for anyone to track or eavesdrop on your activities.
Why Would You Want to Install OpenVPN on Ubuntu Server?
An OpenVPN makes your life easier by enabling you to traverse networks without worrying about prying eyes. Here are some of the benefits of installing OpenVPN on your Ubuntu server:
1. Increased security
OpenVPN enhances security by encrypting your data. You can rest assured that the data is safe from prying eyes. The software also employs diverse security protocols, which makes it even more secure.
2. Cost-effective
OpenVPN is cost-effective since you can download and use it free on Linux. It allows you to connect to a VPN server for free and has no associated licensing fees.
3. Greater flexibility
OpenVPN is a versatile technology you can use in different scenarios. For example, you can use it to connect to your home network while you’re away or to connect to a corporate network while working from home.
How to Install OpenVPN On Ubuntu Server
Installing OpenVPN on your Ubuntu server is pretty simple. Follow this step-by-step process to install the software effectively:
Step 1: Update Your Server’s Package Indexes
Before installing the software, you’ll need to update your server’s package indexes (to 18.04) to enable you to install the latest version of OpenVPN.
To do this, log into your server and run the following command: <sudo apt update>
Step 2: Install OpenVPN and the OpenSSL Libraries
Now that your server package indexes are up-to-date, you can install OpenVPN and its associated OpenSSL libraries.
The first step is to download the OpenVPN package. You can do this by running the following command: <sudo apt-get install openvpn>
Once the download is finished, you must extract the files from the archive. You can do this by running the following command:
tar -xzvf openvpn-2.3.2.tar.gz
Once you extract the files, you need to change their location’s directory. You can do this by running the following command: <cd OpenVPN-2.3.2/ >
If prompted, enter your sudo password and press Y to confirm the installation.
Once the installation is complete, you can generate the necessary configuration files by running the following command:
<sudo OpenVPN —genkey —secret keys/ta.key>
This will generate a file called ta.key in the keys directory. The contents of this file will be used to authenticate TLS/SSL connections made to your VPN server.
Once OpenVPN is installed, you can configure and start using it to create a secure connection between two or more computers.
Step 3: Configure your server’s Firewall rules
Next, you need to configure your server’s firewall rules so traffic can flow correctly through the VPN. To do this, you can use the UFW firewall application.
First, you need to make sure that UFW is installed on your system by running the following command:
<sudo apt-get install ufw>
If UFW is already installed, you’ll see a confirmation message. Otherwise, the firewall installation will begin and should only take a few moments to complete.
You can then configure it by running the following commands:
<sudo ufw allow 1194/udp> <sudo ufw enable>
Once the firewall is configured, you can start the OpenVPN server with the following command:
<sudo systemctl start openvpn@server>
You can also check the status of the server with the following command:
<sudo systemctl status openvpn@server>
How To Connect to Your OpenVPN Server Remotely
Once you install and configure your OpenVPN, you can easily connect to it from a remote location, access your files and folders, and transfer them to your computer.
There are two ways to connect to your OpenVPN server from a remote location: Using the OpenVPN client and through a web browser.
1. Connecting Using the OpenVPN Client
You’ll need to download the OpenVPN client for your operating system to connect via the OpenVPN client. After downloading, launch the program and enter your server’s address.
Next, enter your username and password. Once you’re logged in, you should see your server’s files and folders. You can now transfer files between your computer and the server.
Test the client to ensure it can function well:
$ openvpn --remove SERVER_IP --dev tun1 --ifconfig 10.9.8.2 10.9.8.1
Generate a Static Key
Before transferring files between the server and your computer, you need to generate a static key.
On your server, run the following command to generate a static key:
$ openvpn --genkey --secret static.key
This will generate a file in the folder where you are located.
Now get the file via sftp and copy it to /etc/openvpn in your client VPS. It’s highly recommended to use a secure method to transfer these files e.g scp (Secure Copy). On the server side, create a new file.
Another option is to make a cat of the static.key file and copy the content and paste it on the client:
In the client, launch vi /etc/openvpn/static.key and press “I†to insert.
Paste
Press ESC to exit editing mode and then type 😡 to exist, saving changes
If you are working with windows and you have clipboard history activated in your windows, press the Windows key + v to delete it:
The default permission for the file is read for anyone. It’s always better to restrict read-only for root (or the user who will launch the VPN):
On the Server:
Create a new file on the server and add the following code:
$ vim /etc/openvpn/tun0.conf
Add the following code:
Dev tun0 Ifconfig 10.9.8.110.9.8.2 Secret /etc/openvpn/secret.key
On the Client:
Create a new file and add the following code:
$vim /etc/opnevpn/tun0.conf
Add the following code:
Dev tun0 Ifconfig 10.9.8.210.9.8.1 Secret /etc/openvpn/secret.key
You can now go ahead and start the OpenVPN services by running the following command on both the server and client to view the output:
$ openvpn --config /etc/openvpn/tun0.conf --verb 6
On the Server
On the Client
At this point, you should be able to ping the 10.9.8.1 IP address from the client VPS and 10.9.8.2 address from the server side.
Before establishing the OpenVPN:
After establishing the OpenVPN:
2. Connecting to OpenVPN via a Web Browser
You can also connect to your OpenVPN remotely using a web-based interface. We recommend using the OPNsense interface.
To connect:
- Open your web browser and enter the URL of your OPNsense server.
- Log in with your username and password, click the “VPN†tab and select “OpenVPN.â€
- Choose the country or location you want to connect to and click “Connect.â€
You should now be connected to your OpenVPN server.
Tips For Optimizing Your OpenVPN Server Configuration
As with any other software, it’s essential to configure your OpenVPN properly to get the most out of it. Here are some tips to optimize the server configurations for the best functionality.
- Use a strong cipher suite: A cipher suite is a set of algorithms used to encrypt your data. When configuring your OpenVPN server, use a strong cipher suite like AES-256-GCM to ensure your data is appropriately encrypted and secure.
- Use compression: Compression helps to reduce the amount of bandwidth your VPN uses. When configuring your server, be sure to enable compression like LZO or ZLIB to save you bandwidth costs and make your VPN more cost-efficient.
- Use multiple servers: If you have the budget, consider using multiple OpenVPN servers in different locations. This will help improve reliability and performance while providing redundancy in case one server goes offline.
- Use a script to manage configurations: If you’re managing multiple OpenVPN servers, it will be helpful to use a script like ovpn-init to manage your configurations. This will ensure all your servers are correctly configured and avoid potential errors.
Conclusion
OpenVPN is an essential tool for securing your online communications, and we recommend that every Ubuntu server have it installed. At this point, you are now able to install VPN and use it to secure your network traffic.
You can also look at how to set up a VPN on Windows server if you’re a Windows OS user.
Next Steps: What Now?
Here are some practical steps you can take from this guide on how to install OpenVPN on an Ubuntu server:
- If you need the best VPS host for your virtual private server, check out our Top 10 VPS hosting providers of 2022.
- Download OpenVPN from the best VPN service providers in 2022 and install it on your Ubuntu or Windows server.
Further Reading
Here are other articles related to this guide that you can read to learn more about installing OpenVPN on Ubuntu 18.04 server:
- https://www.allthingssecured.com/vpn/faq/what-is-openvpn/
- https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-18-04
- https://www.cyberciti.biz/faq/ubuntu-18-04-lts-set-up-openvpn-server-in-5-minutes/
- https://www.arubacloud.com/tutorial/how-to-set-up-and-configure-a-vpn-with-openvpn-on-ubuntu-18-04.aspx
- https://hostadvice.com/how-to/how-to-install-openvpn-server-on-an-ubuntu-18-04-vps-or-dedicated-server/
FAQs
- Is OpenVPN secure?
Yes. OpenVPN is secure since it uses HTTPS SSL encryption to secure the connection between the web server and the web browser. This means that any credentials you enter on the web browser can’t be seen in plain text on the network and, therefore, can’t be stolen by a middleman. - Does Ubuntu have a built-in VPN?
No. Ubuntu does not have an in-built VPN. However, it offers a network manager and an excellent GUI for configuring your network settings, which can manage your VPN connections. - Which OpenVPN provider is best for Ubuntu?
Some of the best VPN providers who offer OpenVPN for Ubuntu in 2022 include CyberGhost, ExpressVPN, Proton VPN, NordVPN, and Surfshark.
