Page 1 of 2 12 LastLast
Results 1 to 25 of 47
  1. #1
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740

    Talking How to Install OpenVPN on a VPS or Dedicated Server (With Pictures)

    You must be hearing a lot about VPNs these days. We have witnessed the demand for VPNs rising rapidly in recent years. Moreover, Google trends also show the rise in the search trend of “VPN” and VPN-related keywords.

    VPN stands for Virtual Private Network, and there are many reasons why people use them. Security, Internet Censorship, and privacy on public Wi-Fi are just a few of the many reasons. In this article I will be discussing how to install OpenVPN on a VPS or dedicated server to allow you to have VPN connections to your server.

    For this tutorial, we will be installing OpenVPN on a VPS running CentOS 6.x 64-bit with 1GB of RAM.

    Requirements

    • Vanilla OS install (preferable)
    • 64MB of RAM (128MB recommended)
    • Root SSH Access
    • TUN/TAP
    • SFTP Client

    First and foremost we need to connect to our server via SSH. If you do not have an SSH client installed, I would highly recommend PuTTy. It’s free and you can find it via a quick Google search. I use SecureCRT, as it makes saving my SSH sessions very easy.

    Picture 1

    Once you are connected via SSH we can get to work. The next thing we need to do is verify that TUN/TAP is enabled. To do this run the following:

    Code:
    cat /dev/net/tun
    If TUN/TAP is enabled, it will return the following:

    Code:
    [root@vpn ~]# cat /dev/net/tun
    cat: /dev/net/tun: File descriptor in bad state

    If you get anything else, you will need to contact your hosting provider to have TUN enabled. Generally if it is disabled it will return a “file not found” message.
    We will proceed by installing some modules which will be required later on in the install process.

    Code:
    yum install gcc make rpm-build zlib-devel pam-devel openssl openssl-devel autoconf.noarch nano -y
    Lets download the OpenVPN REPO and RPMForge REPO install files.
    CentOS 6.x 64-bit

    If you are using CentOS 5.x, change the “el6” in the second URL to “el5“. If you’re using the 32-bit version of your OS, change “x86_64” to read “i386


    Next we need to build and install the RPM packages we just downloaded.

    Code:
    rpmbuild --rebuild lzo-1.08-4.rf.src.rpm rpm -Uvh lzo-1.08-4.rf.src.rpm rpm -Uvh rpmforge-release*
    Now we have prepared our server for the install of OpenVPN.

    Code:
    yum install openvpn -y
    Copy the contents of the “easy-rsa” folder to /etc/openvpn so we can build the certificates required to connect to the VPN.

    Code:
    cp -R /usr/share/doc/openvpn-2.*/easy-rsa/ /etc/openvpn/
    It’s time to create the certificate.

    Code:
    cd /etc/openvpn/easy-rsa/2.0</pre> </div> <div>cp openssl-1.0.0.cnf openssl.cnf chmod 755 * source ./vars ./vars ./clean-all
    The next step will actually build the certificate. It will ask you questions and they will need to be modified or you can just press “enter” to skip through most of them.

    Code:
    ./build-ca

    • Country Name: Press enter to leave unchanged
    • State or Province Name: Press enter to leave unchanged
    • Locality Name: Press enter to leave unchanged
    • Organization Name: Press enter to leave unchanged
    • Organizational Unit Name: Press enter to leave unchanged
    • Common Name: Press enter to leave unchanged
    • Name: Press enter to leave unchanged
    • Email Address: Press enter to leave unchanged


    Code:
    ./build-key-server server
    Use the same entries as build-ca, along with the following additional parameters

    • A challenge password:Leave this blank
    • An optional company name:Optional
    • Sign the certificate?: y
    • 1 out of 1 certificate requests certified, commit?: y

    Build DH Parameters (this may take a moment):
    Code:
    ./build-dh

    We will now make a configuration file for OpenVPN. You may use any text editor you like. I prefer nano and will use it for the remainder of this tutorial.
    Code:
    nano /etc/openvpn/config-default.conf

    Code:
    local x.x.x.x #- your_server_ip port 1194 #- default port proto udp #- protocol dev tun tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt cert /etc/openvpn/easy-rsa/2.0/keys/server.crt key /etc/openvpn/easy-rsa/2.0/keys/server.key dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login client-cert-not-required username-as-common-name server 1.2.3.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" keepalive 5 30 comp-lzo persist-key persist-tun status 1194.log verb 3
    If you’re using nano you can save and close the file by “Ctrl+X” and typing “y” at the prompt asking to save changes.
    Now lets start the OpenVPN server using the configuration file we just made.

    Code:
    openvpn /etc/openvpn/config-default.conf &
    Ctrl+C to exit from the process monitor. OpenVPN should remain running in the background.
    Enable IP forwarding on the server:

    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    Create the iptables routes to enable traffic to flow through the VPN properly

    Code:
    iptables -t nat -A POSTROUTING -s 1.2.3.0/24 -j SNAT --to x.x.x.x


    x.x.x.x is the IP of your server.
    OpenVPN pulls it’s user data from the Linux system users, so to add users to OpenVPN we add Linux users.

    Code:
    useradd username
    
    passwd username
    “username” in both instances is the username for your user.

    Now is the time you’ve been waiting for. Lets install the OpenVPN client to our computer and try to connect to our new VPN.
    You can find the latest version of the OpenVPN desktop client on the OpenVPN website here. As of the writing of this post, version 2.2.2 was the latest stable version. When installing the client, please pay attention to the directory in which it is installed. Mainly, whether or not it is in Program Files or Program Files (x86).
    Once we have installed the OpenVPN desktop client, we need to download the key from the server that we generated earlier. We will use our SFTP client for this. I use Filezilla.
    The file can be found in /etc/openvpn/easy-rsa/2.0/keys/. You want to copy the ca.crt file to the OpenVPN config directory on your desktop. This can be found in C:\Program Files\OpenVPN\config. If you’re using Windows Visa/7 x64, this will likely be found in C:\Program Files (x86)\OpenVPN\config.

    Picture 2

    We’re now on the home stretch. Lets create a config file on our desktop that will let us connect to the VPN.
    Create a file in the same config directory and paste the following details in it. Please make sure it is not namedanything.ovpn.txt or this will not work correctly.

    Code:
    client dev tun proto udp #- protocol remote x.x.x.x 1194 #- SERVER IP and OPENVPN Port resolv-retry infinite nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-key persist-tun ca ca.crt auth-user-pass comp-lzo verb 3
    x.x.x.x is the IP address of your server specified earlier in this tutorial.
    Now start the OpenVPN GUI Client and enter your username and password created earlier.

    Picture 3

    Congratulations, you’re now successfully connected to your new VPN. If you have any questions or issues feel free to ask. Thank you to our staff member Jonathan Wright for writing this tutorial.

    - Daniel


  2. #2
    Join Date
    Nov 2010
    Location
    Tulsa, OK
    Posts
    253
    Thank you for the guide! I've seen several OpenVPN tutorials and this is one of the most straightforward. Keeping it on my bookmarks just in case.
    Hostwinds Unlimited Web Hosting
    Cpanel/WHM | Not Oversold | Low Server Loads | Reseller / Business Plans Available
    Cloud Hosting

  3. #3
    Join Date
    Mar 2009
    Posts
    3,816
    don't use 1.* for internal IPs!

    they are publicly routed IPs being used by other people!!

  4. #4
    Join Date
    Oct 2004
    Posts
    632
    nice how to indeed!

  5. #5
    Join Date
    Jan 2006
    Location
    Alabama
    Posts
    1,449
    Quote Originally Posted by quantumphysics View Post
    don't use 1.* for internal IPs!

    they are publicly routed IPs being used by other people!!
    1.2.3.4 is for example purposes.
    KnownHost Managed VPS Specialists
    Fully Managed Shared, Reseller, VPS, KVM, WordPress, Dedicated servers and more!
    KnownHost is hiring! Click here for more information!

  6. #6
    IT may sounds strange but many VPS providers have pre-installed templates for this!

  7. #7
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740
    Quote Originally Posted by trige View Post
    IT may sounds strange but many VPS providers have pre-installed templates for this!
    You are correct, but MANY do not. We posted this article on our blog and it has been getting a lot of hits, which made us post it here because it's in demand.

    - Daniel

  8. #8
    Filezilla is good as an FTP client, as you wouldn't have to actually enable FTP. If you set it to use port 22, it will transfer files over SSH, which is much more secure

  9. #9
    Ok so I am new to installing openVPN on a VPS server which is what I am currently trying to do. I know absolutely nothing about this stuff I just followed the tutorial so far. I have reached the point of making a configuration file but I am stuck. Do I have to use a text editor and save the file as config-default.conf?? Or do i just enter the info into the command line.?? I really have no idea any help would be much appreciated.

  10. #10
    Join Date
    Aug 2011
    Posts
    38
    Thank you so much! I have tried many tutorials and even the template provided by my VPS provider, but this is the only one that has worked, but maybe I did something wrong with the earlier tutorials. Thanks so much.

    AlienVPS: 199.19.116.157
    Simple, but easy
    My Website

  11. #11
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740
    Quote Originally Posted by brlm2011 View Post
    Ok so I am new to installing openVPN on a VPS server which is what I am currently trying to do. I know absolutely nothing about this stuff I just followed the tutorial so far. I have reached the point of making a configuration file but I am stuck. Do I have to use a text editor and save the file as config-default.conf?? Or do i just enter the info into the command line.?? I really have no idea any help would be much appreciated.
    Jonathan will be in soon and he will get this question answered for you.

    Quote Originally Posted by hxrsmurf View Post
    Thank you so much! I have tried many tutorials and even the template provided by my VPS provider, but this is the only one that has worked, but maybe I did something wrong with the earlier tutorials. Thanks so much.

    AlienVPS: 199.19.116.157
    I am glad you found this tutorial useful.

    - Daniel

  12. #12
    Join Date
    Jan 2006
    Location
    Alabama
    Posts
    1,449
    Quote Originally Posted by Abhinandangarg View Post
    Filezilla is good as an FTP client, as you wouldn't have to actually enable FTP. If you set it to use port 22, it will transfer files over SSH, which is much more secure
    I did list SFTP client as a requirement, because I did recommend in the tutorial using SFTP over SSH versus standard FTP.

    Quote Originally Posted by brlm2011 View Post
    Ok so I am new to installing openVPN on a VPS server which is what I am currently trying to do. I know absolutely nothing about this stuff I just followed the tutorial so far. I have reached the point of making a configuration file but I am stuck. Do I have to use a text editor and save the file as config-default.conf?? Or do i just enter the info into the command line.?? I really have no idea any help would be much appreciated.
    Which configuration file are you trying to make? If you're trying to make the one on the server, I would recommend "nano", or if the one for the client, you can just use notepad.

    Alternatively, you can use Notepad for both and simply upload the one for the server via SFTP.

    Quote Originally Posted by hxrsmurf View Post
    Thank you so much! I have tried many tutorials and even the template provided by my VPS provider, but this is the only one that has worked, but maybe I did something wrong with the earlier tutorials. Thanks so much.

    AlienVPS: censored
    I'm glad to hear that the tutorial worked out for you!
    KnownHost Managed VPS Specialists
    Fully Managed Shared, Reseller, VPS, KVM, WordPress, Dedicated servers and more!
    KnownHost is hiring! Click here for more information!

  13. #13
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740
    I also got this in a PM and wanted to post it here in case someone else is having this issue:

    Hey, so i looked at your guide and gave it a go. But when i got to wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
    wget http://pkgs.repoforge.org/rpmforge-r....rf.x86_64.rpm
    it did not work, it said invalid command.
    - Daniel

  14. #14
    Join Date
    Oct 2008
    Posts
    237
    Quote Originally Posted by TmzHosting View Post
    I also got this in a PM and wanted to post it here in case someone else is having this issue:
    You need to have wget installed. Many VPS templates omit it. Just do:

    yum install wget
    Your real IP address -- That proxy may not be as anonymous as you think! Now with IPv6 support!

  15. #15
    Join Date
    Jan 2006
    Location
    Alabama
    Posts
    1,449
    Quote Originally Posted by error10 View Post
    You need to have wget installed. Many VPS templates omit it. Just do:

    yum install wget
    OR, for Debian-based distro's:

    Code:
    apt-get install wget
    KnownHost Managed VPS Specialists
    Fully Managed Shared, Reseller, VPS, KVM, WordPress, Dedicated servers and more!
    KnownHost is hiring! Click here for more information!

  16. #16
    Thanks for this, If you dont mind i have put it on my site.

    I have put where it originated from.

    -BoxyVPS

  17. #17
    Join Date
    Jun 2012
    Location
    Cardiff, Wales, UK
    Posts
    24
    Very useful, detailed and informative tutorial!

  18. #18
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740
    Quote Originally Posted by BoxyVPS View Post
    Thanks for this, If you dont mind i have put it on my site.

    I have put where it originated from.

    -BoxyVPS
    Can you please share the link where it is posted. It really originated from our blog.

    - Daniel

  19. #19
    Join Date
    Aug 2011
    Location
    India
    Posts
    449
    Awesome tutorial.
    Ultimatehostings
    Fully Managed Services

  20. #20
    Join Date
    Jan 2007
    Posts
    184
    great tut

    years i couldnt figure this stuff out

    now i already set this up on 10 of my systems!

    <3

  21. #21
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740

    Talking

    Quote Originally Posted by doughnet View Post
    great tut

    years i couldnt figure this stuff out

    now i already set this up on 10 of my systems!

    <3
    I am glad you have found this article useful.

    - Daniel

  22. #22
    Join Date
    Apr 2010
    Location
    In your heart
    Posts
    631
    really great tutorial,
    Web Hosting in Pakistan -> Fast Hosting,(25 minute initial ticket response time guarantee)
    Hosting in Pakistan -> Keep your site online with Cheap Price

  23. #23
    Join Date
    Jan 2012
    Posts
    60
    I keep getting this

    Code:
    Connecting to apt.sw.be|193.1.193.67|:80... connected.
    -bash: 193.1.193.67: command not found
    -bash: :80...: command not found
    -bash: Connecting: command not found
    [root@myvps ~]# HTTP request sent, awaiting response... 404 Not Found
    -bash: HTTP: command not found
    [root@myvps ~]# 2012-08-03 17:32:00 ERROR 404: Not Found.
    -bash: 2012-08-03: command not found
    When trying to install this
    wget http://pkgs.repoforge.org/rpmforge-r....rf.x86_64.rpm

  24. #24
    Join Date
    Mar 2012
    Location
    Wales
    Posts
    14
    Nice tutorial!

  25. #25
    Join Date
    Jan 2011
    Posts
    61
    Hi.

    Please pardon my ignorance but if I want to use vpn with torrent client do I need to set the torrent client to use the port of the vpn or I will still be able to use a random port in my torrent client?

    Thank you for help.

    D

Page 1 of 2 12 LastLast

Similar Threads

  1. How to install OpenVPN on Ubuntu VPS
    By mana333 in forum VPS Tutorials
    Replies: 15
    Last Post: 08-15-2015, 12:44 AM
  2. How could I install OpenVPN on a VPS using a Mac
    By Iliad in forum VPS Hosting
    Replies: 11
    Last Post: 03-11-2012, 09:14 PM
  3. How to install OpenVPN on Ubuntu VPS
    By mana333 in forum Hosting Security and Technology Tutorials
    Replies: 6
    Last Post: 03-01-2012, 06:33 PM
  4. Need Someone To Install OpenVPN onto VPS
    By TorontoPoker in forum Employment / Job Offers
    Replies: 1
    Last Post: 10-09-2011, 12:49 AM
  5. how can i install openvpn in centos server
    By soltany in forum Hosting Security and Technology
    Replies: 7
    Last Post: 09-08-2007, 06:03 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •