Update and Upgrade the system
#apt-get update -y && apt-get upgrade -y
Find and note down your IP address, use the ip command as follows;
#ip addr
#ip a show eth0
If the public IP address not showed, use the dig command/host command
#dig +short myip.opendns.com @resolver1.opendns.com
OR
#dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2}'
Download and run openvpn-install.sh script
#wget https://git.io/vpn -O openvpn-install.sh
#wget https://vpshelpdesk.com/files/openvpn-install.sh
OR
#wget https://git.io/vpn -O openvpn-install.sh
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.76.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 23079 (23K) [text/plain]
Saving to: ‘openvpn-install.sh’
openvpn-install.sh 100%[============================================================================>] 22.54K --.-KB/s in 0.001s
2020-10-26 14:33:15 (25.0 MB/s) - ‘openvpn-install.sh’ saved [23079/23079]
root@iZj6cij2s4ft9b2k2h81nmZ:/home#
Setup permissions using the chmod command:
#chmod +x openvpn-install.sh
One can view the script using a text editor such as nano/vim:
#nano openvpn-install.sh
Run openvpn-install.sh to install OpenVPN server
#./openvpn-install.sh
Follow the instruction
Welcome to this OpenVPN road warrior installer!
This server is behind NAT. What is the public IPv4 address or hostname?
Public IPv4 address / hostname [222.222.222.1]:
Which protocol should OpenVPN use?
1) UDP (recommended)
2) TCP
Protocol [1]:
What port should OpenVPN listen to?
Port [1194]:
Select a DNS server for the clients:
1) Current system resolvers
2) Google
3) 1.1.1.1
4) OpenDNS
5) Quad9
6) AdGuard
DNS server [1]:
Enter a name for the first client:
Name [client]: client1
OpenVPN installation is ready to begin.
Press any key to continue...
..................
..................
Finished!
The client configuration is available in: /root/client1.ovpn
New clients can be added by running this script again.
root@iZj6cij2s4ft9b2k2h81nmZ:~#
Check if the OpenVPN server has been installed successfully, the tun0 available with #ip addr or #ifconfig
root@iZj6cij2s4ft9b2k2h81nmZ:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:16:3e:06:54:02 brd ff:ff:ff:ff:ff:ff
inet 172.01.1.12/20 brd 172.01.143.255 scope global dynamic eth0
valid_lft 315358011sec preferred_lft 315358011sec
inet6 fe80::216:3eff:fe06:5402/64 scope link
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 10.8.0.1/24 brd 10.8.0.255 scope global tun0
valid_lft forever preferred_lft forever
Start/stop/restart OpenVPN server with systemctl command:
#systemctl stop [email protected]
#systemctl start [email protected]
#systemctl restart [email protected]
#systemctl status [email protected]
To add more client run the openvpn-install.sh again
root@iZj6cij2s4ft9b2k2h81nmZ:~# ./openvpn-install.sh
OpenVPN is already installed.
Select an option:
1) Add a new client
2) Revoke an existing client
3) Remove OpenVPN
4) Exit
Option: 1
Provide a name for the client:
Name: client2
Using SSL: openssl OpenSSL 1.1.1 11 Sep 2018
Generating a RSA private key
.........................................................................................................................................................................+++++
.............................................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-1952.6girut/tmp.4cIY4C'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-1952.6girut/tmp.07hFfF
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :ASN.1 12:'client2'
Certificate is to be certified until Oct 24 06:48:16 2030 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
client2 added. Configuration available in: /root/client2.ovpn
root@iZj6cij2s4ft9b2k2h81nmZ:~#
To connect the OpenVPN server with OpenVPN Client download the client configuration (client.ovpn, client2.ovpn, etc), use WinSPC to download