Sie sind auf Seite 1von 12

How to Install OpenVPN on a VPS or Dedicated Server (W

Thread: How to Install OpenVPN on a VPS or Dedicated Server (With Pictures)

If this is your rst visit, be sure to check out the FAQ by clicking the link above. You
may have to register before you can post: click the register link above to proceed. To
start viewing messages, select the forum that you want to visit from the selection
below.
Tags: dedicated, install openvpn, openvpn setup, vps
1

TmzHosting said:
06-27-2012 12:35 PM

How to Install OpenVPN on a VPS or Dedicated Server (With Pictures)


You must be hearing a lot about VPNs these days. We have witnessed the demand for
VPNs rising rapidly in recent years. Moreover, Google trends also show the rise in the
search trend of VPN and VPN-related keywords.
VPN stands for Virtual Private Network, and there are many reasons why people use
them. Security, Internet Censorship, and privacy on public Wi-Fi are just a few of the
many reasons. In this article I will be discussing how to install OpenVPN on a VPS or
dedicated server to allow you to have VPN connections to your server.
For this tutorial, we will be installing OpenVPN on a VPS running CentOS 6.x 64-bit
with 1GB of RAM.
Requirements
Vanilla OS install (preferable)
64MB of RAM (128MB recommended)
Root SSH Access
TUN/TAP
SFTP Client
First and foremost we need to connect to our server via SSH. If you do not have an
SSH client installed, I would highly recommend PuTTy. Its free and you can nd it via
a quick Google search. I use SecureCRT, as it makes saving my SSH sessions very
easy.
Picture 1
Once you are connected via SSH we can get to work. The next thing we need to do is
verify that TUN/TAP is enabled. To do this run the following:
Code: [View]
cat /dev/net/tun

If TUN/TAP is enabled, it will return the following:


Code: [View]
[root@vpn ~]# cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state

If you get anything else, you will need to contact your hosting provider to have TUN
enabled. Generally if it is disabled it will return a le not found message.
We will proceed by installing some modules which will be required later on in the
install process.
Code: [View]
yum install gcc make rpm-build zlib-devel pam-devel openssl openssl-devel autoconf.noarch nano -y

Lets download the OpenVPN REPO and RPMForge REPO install les.
CentOS 6.x 64-bit
Code: [View]
wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
wget http://pkgs.repoforge.org/rpmforge-r....rf.x86_64.rpm

If you are using CentOS 5.x, change the el6 in the second URL to el5. If youre using
the 32-bit version of your OS, change x86_64 to read i386

Next we need to build and install the RPM packages we just downloaded.
Code: [View]
rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
rpm -Uvh lzo-1.08-4.rf.src.rpm
rpm -Uvh rpmforge-release*

Now we have prepared our server for the install of OpenVPN.


Code: [View]
yum install openvpn -y

Copy the contents of the easy-rsa folder to /etc/openvpn so we can build the
certicates required to connect to the VPN.
Code: [View]
cp -R /usr/share/doc/openvpn-2.*/easy-rsa/ /etc/openvpn/

Its time to create the certicate.


Code: [View]
cd /etc/openvpn/easy-rsa/2.0</pre>
</div>
<div>cp openssl-1.0.0.cnf openssl.cnf
chmod 755 *

The next step will actually build the certicate. It will ask you questions and they will
need to be modied or you can just press enter to skip through most of them.
Code: [View]
./build-ca

Country Name: Press enter to leave unchanged


State or Province Name: Press enter to leave unchanged
Locality Name: Press enter to leave unchanged
Organization Name: Press enter to leave unchanged
Organizational Unit Name: Press enter to leave unchanged
Common Name: Press enter to leave unchanged
Name: Press enter to leave unchanged
Email Address: Press enter to leave unchanged

Code: [View]
./build-key-server server

Use the same entries as build-ca, along with the following additional parameters
A challenge password:Leave this blank
An optional company name:Optional
Sign the certicate?: y
1 out of 1 certicate requests certied, commit?: y
Build DH Parameters (this may take a moment):
Code: [View]
./build-dh

We will now make a conguration le for OpenVPN. You may use any text editor you
like. I prefer nano and will use it for the remainder of this tutorial.
Code: [View]
nano /etc/openvpn/cong-default.conf

Code: [View]
local x.x.x.x #- your_server_ip
port 1194 #- default port
proto udp #- protocol
dev tun

If youre using nano you can save and close the le by Ctrl+X and typing y at the
prompt asking to save changes.
Now lets start the OpenVPN server using the conguration le we just made.
Code: [View]
openvpn /etc/openvpn/cong-default.conf &

Ctrl+C to exit from the process monitor. OpenVPN should remain running in the
background.
Enable IP forwarding on the server:
Code: [View]
echo 1 > /proc/sys/net/ipv4/ip_forward

Create the iptables routes to enable trac to ow through the VPN properly
Code: [View]
iptables -t nat -A POSTROUTING -s 1.2.3.0/24 -j SNAT --to x.x.x.x

x.x.x.x is the IP of your server.


OpenVPN pulls its user data from the Linux system users, so to add users to OpenVPN
we add Linux users.
Code: [View]
useradd username
passwd username

username in both instances is the username for your user.


Now is the time youve been waiting for. Lets install the OpenVPN client to our
computer and try to connect to our new VPN.
You can nd the latest version of the OpenVPN desktop client on the OpenVPN website
here. As of the writing of this post, version 2.2.2 was the latest stable version. When
installing the client, please pay attention to the directory in which it is installed.
Mainly, whether or not it is in Program Files or Program Files (x86).
Once we have installed the OpenVPN desktop client, we need to download the key from
the server that we generated earlier. We will use our SFTP client for this. I use Filezilla.
The le can be found in /etc/openvpn/easy-rsa/2.0/keys/. You want to copy the
ca.crt le to the OpenVPN cong directory on your desktop. This can be found in

C:\Program Files\OpenVPN\cong. If youre using Windows Visa/7 x64, this will likely
be found in C:\Program Files (x86)\OpenVPN\cong.
Picture 2
Were now on the home stretch. Lets create a cong le on our desktop that will let us
connect to the VPN.
Create a le in the same cong directory and paste the following details in it. Please
make sure it is not namedanything.ovpn.txt or this will not work correctly.
Code: [View]
client
dev tun
proto udp #- protocol
remote x.x.x.x 1194 #- SERVER IP and OPENVPN Port

x.x.x.x is the IP address of your server specied earlier in this tutorial.


Now start the OpenVPN GUI Client and enter your username and password created
earlier.
Picture 3
Congratulations, youre now successfully connected to your new VPN. If you have any
questions or issues feel free to ask. Thank you to our sta member Jonathan Wright
for writing this tutorial.
- Daniel
Managed & Unmanaged VPS's [OpenVZ & KVM] by tmzVPS.com | FAST SSD Accelerated Plans!
Locations in California, Florida & London - Legal Adult Content Allowed! 24/7 Certied Support.
DDOS Protected VPS [KVM] - cPanel/WHM | Premium Softaculous | Data Migration Included!
INSTANT SETUP | Paypal, Skrill, 2checkout, BitCoin & all Major Credit Cards Accepted!

HostWinds said:
06-28-2012 11:57 AM
Thank you for the guide! I've seen several OpenVPN tutorials and this is one of the
most straightforward. Keeping it on my bookmarks just in case.
Hostwinds Unlimited Web Hosting
Cpanel/WHM | Not Oversold | Low Server Loads | Reseller / Business Plans Available
VPS Hosting | OpenVZ | SolusVM | Popular Distributions | Windows VPS's

quantumphysics said:
06-28-2012 12:09 PM
don't use 1.* for internal IPs!
they are publicly routed IPs being used by other people!!
mirACL: rewalls in software.

ServerZoo said:

06-28-2012 12:19 PM
nice how to indeed!

KnownHost-Jonathan said:
06-28-2012 01:00 PM
Originally Posted by quantumphysics
don't use 1.* for internal IPs!
they are publicly routed IPs being used by other people!!
1.2.3.4 is for example purposes.
KnownHost Managed VPS Specialists
Fully Managed VPS and Dedicated Servers
RocketVPS.com - Premium Unmanaged VPS Hosting
KnownHost is hiring ! Click here for more informatio n!

trige said:
06-28-2012 03:40 PM
IT may sounds strange but many VPS providers have pre-installed templates for this!

TmzHosting said:
06-28-2012 04:22 PM
Originally Posted by trige
IT may sounds strange but many VPS providers have pre-installed templates for
this!
You are correct, but MANY do not. We posted this article on our blog and it has been
getting a lot of hits, which made us post it here because it's in demand.
- Daniel
Managed & Unmanaged VPS's [OpenVZ & KVM] by tmzVPS.com | FAST SSD Accelerated Plans!
Locations in California, Florida & London - Legal Adult Content Allowed! 24/7 Certied Support.
DDOS Protected VPS [KVM] - cPanel/WHM | Premium Softaculous | Data Migration Included!
INSTANT SETUP | Paypal, Skrill, 2checkout, BitCoin & all Major Credit Cards Accepted!

Abhinandangarg said:
06-29-2012 05:26 AM
Filezilla is good as an FTP client, as you wouldn't have to actually enable FTP. If you
set it to use port 22, it will transfer les over SSH, which is much more secure

brlm2011 said:

06-30-2012 11:27 PM
Ok so I am new to installing openVPN on a VPS server which is what I am
currently trying to do. I know absolutely nothing about this stu I just followed the
tutorial so far. I have reached the point of making a conguration le but I am stuck.
Do I have to use a text editor and save the le as cong-default.conf?? Or do i just
enter the info into the command line.?? I really have no idea any help would be much
appreciated.

hxrsmurf said:
07-01-2012 07:50 PM
Thank you so much! I have tried many tutorials and even the template provided by my
VPS provider, but this is the only one that has worked, but maybe I did something
wrong with the earlier tutorials. Thanks so much.
AlienVPS: 199.19.116.157
Simple, but easy
My Website

TmzHosting said:
07-02-2012 07:22 AM
Originally Posted by brlm2011
Ok so I am new to installing openVPN on a VPS server which is what I am currently
trying to do. I know absolutely nothing about this stu I just followed the tutorial so
far. I have reached the point of making a conguration le but I am stuck. Do I have
to use a text editor and save the le as cong-default.conf?? Or do i just enter the
info into the command line.?? I really have no idea any help would be much
appreciated.
Jonathan will be in soon and he will get this question answered for you.
Originally Posted by hxrsmurf
Thank you so much! I have tried many tutorials and even the template provided by
my VPS provider, but this is the only one that has worked, but maybe I did
something wrong with the earlier tutorials. Thanks so much.
AlienVPS: 199.19.116.157
I am glad you found this tutorial useful.
- Daniel
Managed & Unmanaged VPS's [OpenVZ & KVM] by tmzVPS.com | FAST SSD Accelerated Plans!
Locations in California, Florida & London - Legal Adult Content Allowed! 24/7 Certied Support.
DDOS Protected VPS [KVM] - cPanel/WHM | Premium Softaculous | Data Migration Included!
INSTANT SETUP | Paypal, Skrill, 2checkout, BitCoin & all Major Credit Cards Accepted!

KnownHost-Jonathan said:
07-02-2012 12:32 PM

Originally Posted by Abhinandangarg


Filezilla is good as an FTP client, as you wouldn't have to actually enable FTP. If you
set it to use port 22, it will transfer les over SSH, which is much more secure
I did list SFTP client as a requirement, because I did recommend in the tutorial using
SFTP over SSH versus standard FTP.
Originally Posted by brlm2011
Ok so I am new to installing openVPN on a VPS server which is what I am currently
trying to do. I know absolutely nothing about this stu I just followed the tutorial so
far. I have reached the point of making a conguration le but I am stuck. Do I have
to use a text editor and save the le as cong-default.conf?? Or do i just enter the
info into the command line.?? I really have no idea any help would be much
appreciated.
Which conguration le are you trying to make? If you're trying to make the one on
the server, I would recommend "nano", or if the one for the client, you can just use
notepad.
Alternatively, you can use Notepad for both and simply upload the one for the server
via SFTP.
Originally Posted by hxrsmurf
Thank you so much! I have tried many tutorials and even the template provided by
my VPS provider, but this is the only one that has worked, but maybe I did
something wrong with the earlier tutorials. Thanks so much.
AlienVPS: censored
I'm glad to hear that the tutorial worked out for you!
KnownHost Managed VPS Specialists
Fully Managed VPS and Dedicated Servers
RocketVPS.com - Premium Unmanaged VPS Hosting
KnownHost is hiring ! Click here for more informatio n!

TmzHosting said:
07-02-2012 12:37 PM

I also got this in a PM and wanted to post it here in case someone else is having this
issue:
Hey, so i looked at your guide and gave it a go. But when i got to wget
http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
wget http://pkgs.repoforge.org/rpmforge-r....rf.x86_64.rpm
it did not work, it said invalid command.
- Daniel
Managed & Unmanaged VPS's [OpenVZ & KVM] by tmzVPS.com | FAST SSD Accelerated Plans!
Locations in California, Florida & London - Legal Adult Content Allowed! 24/7 Certied Support.
DDOS Protected VPS [KVM] - cPanel/WHM | Premium Softaculous | Data Migration Included!
INSTANT SETUP | Paypal, Skrill, 2checkout, BitCoin & all Major Credit Cards Accepted!

error10 said:
07-02-2012 12:47 PM
Originally Posted by TmzHosting
I also got this in a PM and wanted to post it here in case someone else is having this
issue:
You need to have wget installed. Many VPS templates omit it. Just do:
yum install wget
Your real IP address -- That proxy may not be as anonymous as you think! Now with IPv6 support!

KnownHost-Jonathan said:
07-02-2012 01:49 PM
Originally Posted by error10
You need to have wget installed. Many VPS templates omit it. Just do:
yum install wget
OR, for Debian-based distro's:
Code: [View]
apt-get install wget

KnownHost Managed VPS Specialists


Fully Managed VPS and Dedicated Servers
RocketVPS.com - Premium Unmanaged VPS Hosting
KnownHost is hiring ! Click here for more informatio n!

BoxyVPS said:
07-04-2012 03:04 PM

Thanks for this, If you dont mind i have put it on my site.


I have put where it originated from.
-BoxyVPS

GH-Chris said:
07-04-2012 03:08 PM
Very useful, detailed and informative tutorial!

TmzHosting said:
07-04-2012 04:36 PM
Originally Posted by BoxyVPS
Thanks for this, If you dont mind i have put it on my site.
I have put where it originated from.
-BoxyVPS
Can you please share the link where it is posted. It really originated from our blog.
- Daniel
Managed & Unmanaged VPS's [OpenVZ & KVM] by tmzVPS.com | FAST SSD Accelerated Plans!
Locations in California, Florida & London - Legal Adult Content Allowed! 24/7 Certied Support.
DDOS Protected VPS [KVM] - cPanel/WHM | Premium Softaculous | Data Migration Included!
INSTANT SETUP | Paypal, Skrill, 2checkout, BitCoin & all Major Credit Cards Accepted!

ultimatewebhost said:
07-04-2012 05:40 PM
Awesome tutorial.
Ultimatehostings
Fully Managed Services

doughnet said:
07-22-2012 01:39 PM
great tut
years i couldnt gure this stu out
now i already set this up on 10 of my systems!
<3

TmzHosting said:
07-23-2012 10:50 AM

Originally Posted by doughnet


great tut
years i couldnt gure this stu out
now i already set this up on 10 of my systems!
<3
I am glad you have found this article useful.
- Daniel
Managed & Unmanaged VPS's [OpenVZ & KVM] by tmzVPS.com | FAST SSD Accelerated Plans!
Locations in California, Florida & London - Legal Adult Content Allowed! 24/7 Certied Support.
DDOS Protected VPS [KVM] - cPanel/WHM | Premium Softaculous | Data Migration Included!
INSTANT SETUP | Paypal, Skrill, 2checkout, BitCoin & all Major Credit Cards Accepted!

gold2 said:
07-23-2012 12:35 PM
really great tutorial,
Web Hosting in Pakistan -> Fast Hosting,(25 minute initial ticket response time guarantee)
Hosting in Pakistan -> Keep your site online with Cheap Price

neovo said:
08-03-2012 07:34 PM
I keep getting this
Code: [View]
Connecting to apt.sw.be|193.1.193.67|:80... connected.
-bash: 193.1.193.67: command not found
-bash: :80...: command not found
-bash: Connecting: command not found
[root@myvps ~]# HTTP request sent, awaiting response... 404 Not Found

When trying to install this


wget http://pkgs.repoforge.org/rpmforge-r....rf.x86_64.rpm

CronicHosting said:
08-10-2012 08:52 AM
Nice tutorial!

dmitriy2011 said:

10-19-2012 10:49 PM
Hi.
Please pardon my ignorance but if I want to use vpn with torrent client do I need to set
the torrent client to use the port of the vpn or I will still be able to use a random port
in my torrent client?
Thank you for help.
D

Log in Register Top


Powered by vBulletin
Copyright 2000 - 2015, Jelsoft Enterprises Ltd.
WebHostingTalk, 1998. All Rights Reserved.