Did you know  45Drives offers free  public and private  webinars ? Click here to learn more  & register! Build & Price

KB450305 – Configuring OpenVPN on Ubuntu

You are here:

Scope/Description

In this guide we will be running through the steps to configure OpenVPN on Ubuntu to a windows client

*It is also possible to have Mac as the client through the use of other methods such as viscosity*

Prerequisites

  • Ubuntu 20.04 Installed

Steps

  • Find your WAN IP by either going to google and typing “what is my ip” or running the following in the terminal “dig +short myip.opendns.com @resolver1.opendns.com”
  • Run the following script –
curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh

or if curl is not installed

wget https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
  • Then make the script executable by running
chmod +x openvpn-install.sh
  • Run the script
./openvpn-install.sh
  • Enter your public IP address and the following when prompted
--Do you want to enable IPv6 support (NAT)? [y/n]: n

--What port do you want OpenVPN to listen to?
1) Default: 1194
2) Custom
3) Random [49152-65535]

Port choice [1-3]: 1

--What protocol do you want OpenVPN to use?
UDP is faster. Unless it is not available, you shouldn't use TCP.
1) UDP
2) TCP

Protocol [1-2]: 1

--What DNS resolvers do you want to use with the VPN?
1) Current system resolvers (from /etc/resolv.conf)
2) Self-hosted DNS Resolver (Unbound)
3) Cloudflare (Anycast: worldwide)
4) Quad9 (Anycast: worldwide)
5) Quad9 uncensored (Anycast: worldwide)
6) FDN (France)
7) DNS.WATCH (Germany)
8) OpenDNS (Anycast: worldwide)
9) Google (Anycast: worldwide)
10) Yandex Basic (Russia)
11) AdGuard DNS (Anycast: worldwide)
12) NextDNS (Anycast: worldwide)
13) Custom

DNS [1-12]: 1

we'll select out own DNS if you're running off googles DNS select 9

--Do you want to use compression? It is not recommended since the VORACLE attack make use of it.
Enable compression? [y/n]: n

--Customize encryption settings? [y/n]: n

--Enter a name for the client

Do you want to protect the configuration file with a password?
(e.g. encrypt the private key with a password)
1) Add a passwordless client
2) Use a password for the client

Select an option [1-2]: 1
  • Allow the openvpn port on the server side by doing any of the following
In the Houston UI:  network --> add services enter "1194"
In the terminal: firewall-cmd --permanent --zone=public --add-port=1194/udp

You must also allow that port on the router side as well, it differs a bit on each router but if you we’re to sign into the web UI of your router in advanced you should see a tab to allow certain ports or depending on the make and model it may have integrated VPN functionality

  • Restart the OpenVPN service
systemctl restart openvpn
  • check status of OpenVPN
systemctl status openvpn
  • Transfer the newly created .ovpn file to the client, we’ll be creating an SMB share and copying it to the dataset and putting it on our desktop where we can easily find it
  • Download the OpenVPN client for windows

Community Downloads

–Select Windows 64-bit MSI installer

  • After running through the installer go to the taskbar and look for the OpenVPN button, right click and select “import file” you should then be able to connect to the VPN

 

Verification:

Troubleshooting:

Was this article helpful?
Dislike 0
Views: 28
Unboxing Racking Storage Drives Cable Setup Power UPS Sizing Remote Access