Basic Ubuntu 22.04 OpenVPN Client/Server connection setup

Setting up a VPN is a great way for a server to share network resources with a client. Configuring one, however, can seem a little intimidating to some users. In this tutorial, we’ll show you how to setup a VPN using OpenVPN on Ubuntu 22.04 Jammy Jellyfish, while managing to avoid advanced configuration and technical jargon along the way.

In this tutorial you will learn:

  • How to install OpenVPN
  • How to configure an OpenVPN Server
  • How to connect to a VPN server from client machine
  • How to verify a successful VPN connection
Starting OpenVPN Server on Ubuntu 22.04
Starting OpenVPN Server on Ubuntu 22.04
Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Ubuntu 22.04 Jammy Jellyfish
Software OpenVPN
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux commands to be executed as a regular non-privileged user

OpenVPN Server setup



Twitter icon Follow LinuxConfig.org on Twitter for the latest tips and tricks about Linux!


In this section, we will cover the steps to setup OpenVPN Server. A server listens for incoming connections from clients, and grants them access to the network upon successful authentication. If you only need to setup OpenVPN Client, which gives you the ability to connect to remote servers, then skip ahead to the next section.

  1. Start by opening a command line terminal and typing the following command to install OpenVPN Server:
    $ sudo apt update
    $ sudo apt install openvpn
    
  2. Once OpenVPN is installed, we need to generate a static key to be used for VPN tunnel encryption:
    $ openvpn --genkey --secret static-OpenVPN.key
    
  3. Next, we need to start the OpenVPN server in order to accept incoming connection requests:
    $ sudo openvpn --dev tun --ifconfig 172.16.0.1 172.16.0.2 --cipher AES-256-CBC --secret static-OpenVPN.key &
    

    Note that the & ampersand in the above command will background the OpenVPN process so it won’t be necessary to keep a terminal open for the service to continue running.

    Starting OpenVPN process to receive connections
    Starting OpenVPN process to receive connections
  4. If you’ve followed along correctly, your system should now have a new network interface named tun0 with an IP address of 172.16.0.1. Type this command to verify:
    $ ip a show tun0
    




    Tunnel interface created on OpenVPN server
    Tunnel interface created on OpenVPN server

  5. For additional verification that the VPN server is operating correctly, check that UDP port 1194 is open on your system:
    $ netstat -anu | grep 1194
    
    UDP port 1194 is opened for connections
    UDP port 1194 is opened for connections
    NOTE
    You may need to install net-tools for the netstat command to work. Use this command: sudo apt install net-tools
  6. Lastly, enter this command to configure Ubuntu’s UFW firewall to allow incoming connections on UDP port 1194:
    $ sudo ufw allow from any to any port 1194 proto udp
    
    Allow UDP port 1194 through UFW
    Allow UDP port 1194 through UFW

That’s all the configuration you’ll need to do for the OpenVPN Server. It should now be capable of receiving incoming connections.

OpenVPN Client setup




Now we will cover how to use OpenVPN Client in order to connect to a OpenVPN Server. Follow the steps in this section if you wish to connect to your server from a remote client.

  1. Start by opening a terminal and typing the following command to install OpenVPN Server:
    $ sudo apt install openvpn
    
  2. Your client machine will need the static-OpenVPN.key encryption key file from the OpenVPN Server in order to connect. Transfer the file from the server to the client in a secure manner, with scp (secure copy) for example.

    This is the command we’d issue from our client machine. Use your own scp command or another secure method to transfer the file:

    $ scp user1@linuxconfig:/home/user1/static-OpenVPN.key .
    
  3. Now, we’re ready to establish a VPN tunnel to the server. Use this command but replace the YOUR-OPENVPN-SERVER-IP-OR-HOST string with the IP address or hostname of the VPN server you’re connecting to:
    $ sudo openvpn --remote YOUR-OPENVPN-SERVER-IP-OR-HOST --dev tun --ifconfig 172.16.0.1 172.16.0.2 --cipher AES-256-CBC --secret static-OpenVPN.key &
    
  4. The VPN tunnel creation may take few seconds. If successful, you should see the following message:
    Initialization Sequence Completed
    
  5. To confirm a successful connection to the VPN server, try pinging a host on the remote network:
    $ ping -c 1 172.16.0.1
    PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
    64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=0.061 ms
    
    --- 172.16.0.1 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.061/0.061/0.061/0.000 ms
    



Twitter icon Follow LinuxConfig.org on Twitter for the latest tips and tricks about Linux!


Your VPN connection is now established.

Closing Thoughts

In this tutorial, we learned how to configure a VPN server to receive incoming connections with OpenVPN on Ubuntu 22.04 Jammy Jellyfish Linux. We also saw how to connect to a VPN server from a client machine. Using the methods illustrated in this guide should allow you to establish a secure VPN connection between a server and client machine.