Setting up a VPN is a great way for a server to share network resources with a client. Configuring one, however, can seem a little intimidating to some users. In this tutorial, we’ll show you how to setup a VPN using OpenVPN on Ubuntu 22.04 Jammy Jellyfish, while managing to avoid advanced configuration and technical jargon along the way.
In this tutorial you will learn:
- How to install OpenVPN
- How to configure an OpenVPN Server
- How to connect to a VPN server from client machine
- How to verify a successful VPN connection
| Category | Requirements, Conventions or Software Version Used |
|---|---|
| System | Ubuntu 22.04 Jammy Jellyfish |
| Software | OpenVPN |
| Other | Privileged access to your Linux system as root or via the sudo command. |
| Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
OpenVPN Server setup
In this section, we will cover the steps to setup OpenVPN Server. A server listens for incoming connections from clients, and grants them access to the network upon successful authentication. If you only need to setup OpenVPN Client, which gives you the ability to connect to remote servers, then skip ahead to the next section.
- Start by opening a command line terminal and typing the following command to install OpenVPN Server:
$ sudo apt update $ sudo apt install openvpn
- Once OpenVPN is installed, we need to generate a static key to be used for VPN tunnel encryption:
$ openvpn --genkey --secret static-OpenVPN.key
- Next, we need to start the OpenVPN server in order to accept incoming connection requests:
$ sudo openvpn --dev tun --ifconfig 172.16.0.1 172.16.0.2 --cipher AES-256-CBC --secret static-OpenVPN.key &
Note that the
&ersand in the above command will background the OpenVPN process so it won’t be necessary to keep a terminal open for the service to continue running.Starting OpenVPN process to receive connections - If you’ve followed along correctly, your system should now have a new network interface named
tun0with an IP address of172.16.0.1. Type this command to verify:$ ip a show tun0
Tunnel interface created on OpenVPN server - For additional verification that the VPN server is operating correctly, check that UDP port 1194 is open on your system:
$ netstat -anu | grep 1194
UDP port 1194 is opened for connections NOTE
You may need to install net-tools for thenetstatcommand to work. Use this command:sudo apt install net-tools - Lastly, enter this command to configure Ubuntu’s UFW firewall to allow incoming connections on UDP port 1194:
$ sudo ufw allow from any to any port 1194 proto udp
Allow UDP port 1194 through UFW
That’s all the configuration you’ll need to do for the OpenVPN Server. It should now be capable of receiving incoming connections.
OpenVPN Client setup
Now we will cover how to use OpenVPN Client in order to connect to a OpenVPN Server. Follow the steps in this section if you wish to connect to your server from a remote client.
- Start by opening a terminal and typing the following command to install OpenVPN Server:
$ sudo apt install openvpn
- Your client machine will need the
static-OpenVPN.keyencryption key file from the OpenVPN Server in order to connect. Transfer the file from the server to the client in a secure manner, withscp(secure copy) for example.This is the command we’d issue from our client machine. Use your own
scpcommand or another secure method to transfer the file:$ scp user1@linuxconfig:/home/user1/static-OpenVPN.key .
- Now, we’re ready to establish a VPN tunnel to the server. Use this command but replace the
YOUR-OPENVPN-SERVER-IP-OR-HOSTstring with the IP address or hostname of the VPN server you’re connecting to:$ sudo openvpn --remote YOUR-OPENVPN-SERVER-IP-OR-HOST --dev tun --ifconfig 172.16.0.1 172.16.0.2 --cipher AES-256-CBC --secret static-OpenVPN.key &
- The VPN tunnel creation may take few seconds. If successful, you should see the following message:
Initialization Sequence Completed
- To confirm a successful connection to the VPN server, try pinging a host on the remote network:
$ ping -c 1 172.16.0.1 PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data. 64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=0.061 ms --- 172.16.0.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.061/0.061/0.061/0.000 ms
Your VPN connection is now established.
Closing Thoughts
In this tutorial, we learned how to configure a VPN server to receive incoming connections with OpenVPN on Ubuntu 22.04 Jammy Jellyfish Linux. We also saw how to connect to a VPN server from a client machine. Using the methods illustrated in this guide should allow you to establish a secure VPN connection between a server and client machine.