OpenVPN is an open-source VPN protocol widely used to encrypt data on the internet. OpenVPN uses OpenSSL to encrypt both control channels and data. Running your own VPN server could be a good idea because it gives you absolute control over your privacy and online anonymity.
Now, to be able to successfully run a robust OpenVPN server infrastructure, you need a good VPS server with sufficient resources like RAM, CPU, and bandwidth. Your VPS server should be capable of offering a high-speed connection capable of giving your VPN experience a flawless connection.
If your OpenVPN server is deployed on a bandwidth-capped VPS server, your VPN connection is likely to be slow and poor for your browsing experience.
Now, I recommend Contabo VPS because it offers enough bandwidth and its pricing is way more affordable compared to other players on the market. For less than $8 per month, you can get a good VPS with 4vCPU, 8GB RAM, and 32TB bandwidth from Contabo. Check out Contabo’s VPS pricing table below;
Cloud VPS S
-
4 vCPU Cores
-
8 GB RAM
-
50 GB NVMe or 200 GB SSD
-
1 Snapshot
-
32 TB Traffic Bandwidth
-
Unlimited Incoming Traffic
Cloud VPS M
-
6 vCPU Cores
-
16 GB RAM
-
100 GB NVMe or 400 GB SSD
-
2 Snapshots
-
32 TB Traffic Bandwidth
-
Unlimited Incoming Traffic
Cloud VPS L
-
8 vCPU Cores
-
30 GB RAM
-
200 GB NVMe or 800 GB SSD
-
3 Snapshots
-
32 TB Traffic Bandwidth
-
Unlimited Incoming Traffic
Cloud VPS XL
-
10 vCPU Cores
-
60 GB RAM
-
400 GB NVMe or 1.6 TB SSD
-
4 Snapshots
-
32 TB Traffic Bandwidth
-
Unlimited Incoming Traffic
Now, you can get a good VPS machine for your OpenVPN server from Contabo at a penny price by starting from here.
Connect to your VPS server
As we know it, we have to remotely connect to our VPS machine using SSH., This means that you must have your server’s IP address, username, and password. Additionally, to successfully run installations on our machine, we need to log in as root, or the SSH account you’re going to use must have Sudo privileges to run administrative commands on the server.
For beginners, we use the following command syntax to establish an SSH connection to our remote VPS server.
ssh username@ip_address
From the command above, replace username
with your own SSH username and replace ip_address
with the actual IP address of your server.
Update your system
Now that we’ve connected to the remote terminal of our VPS server, we need to first update the system. We can achieve this by running the following command;
sudo apt update
Install wget package
We will use the wget
package to download the OpenVPN script from the GitHub repository. If you already have this package installed on your server, then you can skip this step. Otherwise use the following command to download wget on your machine;
sudo apt-get install wget
RECOMMENDED: How to install Ant Media Server on VPS
Download and execute the OpenVPN server script
Now, let’s download the OpenVPN script from the repo using the following command;
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
The above command will download the OpenVPN script and then automatically install it on the system. After a successful installation of the script, you will be greeted with a configuration page on your terminal. And so, you will be required to fill in the appropriate details required. Let’s quickly breakdown this step;
Which IP Address should be used?
You need to insert the Public IP address of your server. Make sure the IP address you’re selecting is the exact IP address of your VPS machine.
Select the DNS server for the clients
A couple of DNS servers will be listed to provide you with options, but I would recommend that you select Google DNS
Enter the name for the OpenVPN client
This is the name of the OpenVPN client configuration file you’re going to download so you can use it on your local device to connect to your OpenVPN server. You can give your OpenVPN client file any name, and there is no standard procedure required in this process. In this example, let’s name this file joe, meaning that at the end the file will be generated as joe.ovpn
After you’ve filled in all the necessary details the system requires, you will need to hit ENTER so your OpenVPN configuration file is generated for you. When this process is complete, you will see a message on your terminal as seen below;
The client configuration is available in: /root/joe.ovpn
The above notification message is telling us that our generated OpenVPN configuration file joe.ovpn is located in the /root/ directory.. Please don’t freak out if your configuration file is not in the same directory as mine. You can always find it by using the cd command on your terminal.
Check the OpenVPN server status
We need to confirm if our installed OpenVPN server is actually running on our system by using the following command;
systemctl status openvpn
If it’s running, then you should be able to see a message like active (running). But if it’s not running, then you will see inactive. And you can start your OpenVPN server by running the following command;
systemctl start openvpn
Allow OpenVPN through the firewall
OpenVPN by default uses UDP port 1194 to accept incoming connections from client devices. And so, we need to open this port through the firewall.
Install iptables on the server
We need to first install iptables as our choice firewall for our server. But if you prefer to use any other Linux firewall, then you can skip this step. In this article, let’s install iptables using the following command;
sudo apt-get install iptables
Let’s confirm if iptables is running by using the following command;
systemctl status iptables
Open TCP port 22 for SSH
Whenever the firewall is installed, it’s important to first open port 22 to prevent getting locked out of your server in the event of an abrupt reboot or shutdown of your server. We can achieve this by running the following command;
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Open UDP port 1194 through iptables by running the following command;
sudo iptables -A INPUT -p udp -m udp --dport 1194 -j ACCEPT
ALSO RECOMMEDED: How to install a Graphical User Interface on Ubuntu Server
Download the configuration file to your local device
In this article, our configuration file is named as joe.ovpn, and it’s located in the /root/ directory. We need to transfer this file to our local device which we will use to connect to our OpenVPN server. And the best way to transfer the file is to use FTP.
Install FTP server on our remote server
To install an FTP server, we need to run the following command;
sudo apt install vsftpd
Check if the FTP server is successfully running using the following command;
systemctl status vsftpd
Create an FTP user
To connect to the FTP server, we need to create a new FTP user named joe or named anything you want using the following command. In this example I’m using joe as the name of the FTP user we’re creating;
sudo useradd joe
We need to add a password to the newly created FTP user account by running the following command. Make sure you replace joe with the name of the FTP user you created
sudo passwd joe
Please note that while typing in your password on the terminal, you won’t see anything on the screen. It will just remain dark. And so, just make sure you type in the correct password. I would recommend that you first note the password in a secure place and then type it on your terminal.
Create a directory for the FTP user
We’ve created user joe and we need to assign it a home directory by running the following command;
sudo mkhomedir_helper joe
So, the above command will create a home directory named joe for user joe. And if you’re a root user, directory joe is located in the root home directory. Go to your home directory by running the following command;
cd home
Now, let’s confirm if directory joe is located in our root home directory by running the following command which will list all the directories;
dir
You will notice that there is a directory named joe just as we created it.
Add permissions to the new directory
We need to add some permissions to the joe directory we created by running the following command;
sudo chmod -R 775 joe
Add user joe to the sudoer group
Let’s also add user joe to the sudo group so it has some administrative privileges to the system by using the following command;
usermod -aG sudo joe
Allow FTP connections through the firewall
By default, FTP uses ports 20 & 21 to accept incoming connections. So we can open these two ports by running this command;
sudo iptables -A INPUT -p tcp --dport 20:21 -j ACCEPT
Transfer joe.ovpn file to directory joe
As you remember, our OpenVPN configuration file was generated and stored in the /root/ directory of our machine. What we need to do is to transfer this file from the root directory to the directory named joe we created for user joe. We can achieve this by running the following command;
cp joe.ovpn /home/joe
Connect to your FTP server
It’s time to connect to the FTP server so we can transfer the joe.ovpn configuration file from the server to the local device. To achieve this, we will need to use an FTP client.
You can use any FTP client application you want but in this example, we’re using WinSCP on the local computer. If you don’t have WinSCP on your computer, then you can download and install it on your computer,
While using WinSCP to connect to the FTP server, make sure the following details are set correctly
- You should select FTP in the dropdown as the File Protocol
- The hostname is the IP address of your VPS server
- The Username is the user we created named joe
- The password is for the user joe we created
Once the FTP connection is successfully established, you will be taken to the directory called joe where we transferred our OpenVPN configuration file named joe.ovpn. Now, you can transfer this file to your local computer.
Download the OpenVPN client
This is the final step where we’re supposed to download and install the OpenVPN client application to enable us to connect to the OpenVPN server we installed. This application is free and you can find it here
Once the OpenVPN client application is installed on your local machine, you can upload the configuration file you just transferred to your local computer and start connecting to your OpenVPN server.
That’s it and happy anonymous browsing 🙂
More related articles to explore
- How can I install an Open SSH Server on Ubuntu Linux?
- How to host a Laravel application on Ubuntu using Apache
- How can I update Ant Media Server on Ubuntu?
- How to use Alibaba Cloud Free credit to Set up Ubuntu server
- How to install and configure UFW firewall on Ubuntu Linux
- How to set up Nginx RTMP Server on Ubuntu to Live stream videos
- How can I create FTP User Directory in Ubuntu?
- Step-by-Step Guide to Installing FTP on Ubuntu Server
- How to deploy WordPress on a Ubuntu LAMP Server
- How to deploy a MySQL Server on Ubuntu
- What is the easiest way to install Apache Server on Ubuntu?
- How to configure iptables to secure Apache server on Ubuntu
- How to enable root user on AWS ec2 Ubuntu Linux instance
- How to Install OpenVPN Server on Ubuntu
- How to install a Graphical User Interface on Ubuntu Server
- How to install Ant Media Server on Ubuntu Linux Server
- How to Dual Boot Kali Linux and Windows on a Laptop
- How to Install WordPress on a VPS Server using Cloudron?
- How to use the apt command in Linux | Syntaxes & Examples
- Is deploying and managing a VPS server hard?