How to Setup OpenVPN Access Server on Linux?
VPN or Virtual Private Network is a method, which allows you to connect to a remote internet server or computer securely – as it were under the same local area network (LAN). Nowadays all devices support VPN connections – from mobile phones and tablets to personal computers. You can securely connect to your banking sites, make transactions on public WIFI hotspots while encrypting your connection with a VPN. OpenVPN is a free open source software which allows you easily set up, configure and manage your VPN service via web interface. It supports secure socket layer (SSL) protocol, which ensures connection security. OpenVPN service can be accessed from Windows, Mac OS ad Android as well. This tutorial will show you how to install, configure and manage OpenVPN access server, which allows you to have up to 2 clients for free on CentOS/RHEL/Fedora and Ubuntu/Debian operating systems.
For OpenVPN to work properly, TUN/TAP and NAT modules must be enabled on your server.
You can check if TUN/TAP is enabled on your server by running
cat /dev/net/tun command:
[root@server ~]# cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state
Everything is OK if you get the same output as displayed, otherwise you need to enable TUN/TAP for your server.
Before you start using OpenVPN, you have to update you server’s operating system.
For Ubuntu 14
apt-get upgrade –y
For CentOS/RHEL 6
Afterwards you have to download and install the latest version of OpenVPN access server.
NOTE: Full list of OS distributions can be found at https://openvpn.net/index.php/access-server/download-openvpn-as-sw.html
For both Linux distributions you will see the same output:
Configuration log file has been written to /usr/local/openvpn_as/init.log
Please enter “passwd openvpn” to set the initial
administrative password, then login as “openvpn” to continue
configuration here: https://22.214.171.124:943/admin
To reconfigure manually, use the /usr/local/openvpn_as/bin/ovpn-init tool.
Access Server web UIs are available here:
Admin UI: https://126.96.36.199:943/admin
Client UI: https://188.8.131.52:943/
You have to create a password for your openvpn user, which will be used as your OpenVN Access Server admin user. It can be done with
passwd openvpn command:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Log in to your OpenVPN Access Server ADMIN UI interface through you web browser – type https://your_IP:943/admin/. You will see a message that your certificate is not trusted, that is normal because no one witness your certificate, so make an exception and you will be redirected to admin login page.
Enter openvpn as your username and the password you created in the previous step and click the “Sign In” button.
You will be redirected to Status Overview page. As you can see, your VPN server is up and running, so you can connect as client (if you don’t want to do any specific configuration). Click the Logout button and type the following link in your internet browser: https://your_ip:943/ and make sure that the connect option is selected:
Type openvpn as your username, the password you created previously and click the “Go” button.
In order to download OpenVPN Connect software, which suits for your operating system, click on “click here to continue” button. Download and install it. OpenVPN connect icon will appear in the tray bar – click the right mouse button and select “Connect to X.X.X.X”:
Enter your login credentials and click to ”Connect”.
The message that your SSL Certificate is untrusted will appear. Click “Yes”.
Congratulations. Your connection to the internet is now secured. You can check your public IP address, it has changed:
Your OpenVPN client panel should automatically redirect to the following website where you can download OpenVPN software for other devices and also download your .ovp profile.