How to install OpenVPN on Ubuntu 20

A virtual private network (VPN) is a convenient way of setting up a secure connection to another networked host. It extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

When you have a VPC in our E2E cloud, you can set up a VPN server to connect with all the nodes inside the VPC. One of the free tools available is OpenVPN, but it has some limitations; please refer here.

Note: The node should have one public IP attached to it.

Installing OpenVPN:

Download the script to install OpenVPN.

wget https://git.io/vpn -O openvpn-ubuntu-install.sh

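Read through the script before running it, since it is fetched through a short link and makes system-wide changes. Then make it executable and run it.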

chmod +x openvpn-ubuntu-install.sh

./openvpn-ubuntu-install.sh

Now select the public IP (option 1):


Again select 1 for UDP:


Then press enter for the default port selection:


Now select 3 for Cloudflare DNS:

Finally, enter the name of the first user/client:

Now press enter to start the installation:

Once the installation is complete, the script displays the location where the client configuration file is stored. Make a note of this location.

Open 1194 Port on firewall:

To allow communication between client and server, port 1194 must be allowed in the node’s firewall. By default our nodes use iptables. Since UDP was selected during installation, the rule must allow UDP port 1194:

sudo iptables -A INPUT -p udp --dport 1194 -j ACCEPT

To save the rules permanently, run the following commands:

sudo netfilter-persistent save
sudo netfilter-persistent reload

Verify that the port is allowed using “iptables -L”.

The configuration is complete.
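
If the protocol in the firewall rule does not match the one chosen in the installer (UDP in this walkthrough), VPN clients cannot connect even though “iptables -L” lists a rule for port 1194. The script below is an added example, not part of the original guide or of the install script: it reads the proto and port directives from server config text and looks for a matching ACCEPT rule in “iptables -S INPUT” output. The function names and sample inputs are constructed, and the config path in the usage note is an assumption.

```shell
#!/bin/sh
# Added example: does the INPUT chain accept the protocol/port OpenVPN listens on?
# Function names and sample data are constructed for illustration.

# Read OpenVPN server config text on stdin, print "<proto> <port>".
# OpenVPN itself defaults to udp and 1194 when the directives are absent.
vpn_listener() {
    awk '
        $1 == "proto" { proto = $2 }
        $1 == "port"  { port = $2 }
        END {
            if (proto == "") proto = "udp"
            if (port == "")  port = "1194"
            sub(/-(server|client)$/, "", proto)   # tcp-server -> tcp
            sub(/[46]$/, "", proto)               # udp4, tcp6 -> udp, tcp
            print proto, port
        }'
}

# Read `iptables -S INPUT` output on stdin; succeed if a plain
# "-p <proto> --dport <port> -j ACCEPT" rule exists. Multiport rules, port
# ranges and an ACCEPT chain policy are deliberately not interpreted.
rule_allows() {
    grep -Eq -- "^-A INPUT .*-p $1 .*--dport $2 .*-j ACCEPT"
}

# $1 = server config text, $2 = `iptables -S INPUT` output text.
check_vpn_firewall() {
    listener=$(printf '%s\n' "$1" | vpn_listener)
    proto=${listener% *}
    port=${listener#* }
    if printf '%s\n' "$2" | rule_allows "$proto" "$port"; then
        echo "ok: $proto/$port is accepted"
    else
        echo "missing: iptables -A INPUT -p $proto --dport $port -j ACCEPT"
        return 1
    fi
}

# Constructed sample inputs: a UDP server config and two rulesets.
SAMPLE_CONF='port 1194
proto udp
dev tun'
SAMPLE_RULES_TCP='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 1194 -j ACCEPT'
SAMPLE_RULES_UDP='-P INPUT DROP
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT'

check_vpn_firewall "$SAMPLE_CONF" "$SAMPLE_RULES_TCP" || true
check_vpn_firewall "$SAMPLE_CONF" "$SAMPLE_RULES_UDP"
```

On the server, call it as check_vpn_firewall "$(cat /etc/openvpn/server/server.conf)" "$(sudo iptables -S INPUT)", adjusting the config path to wherever your installation keeps the server configuration.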

Connecting OpenVPN from local PC:

The instructions below are for Linux-based local PCs.

Copy the ovpn config file to your local machine. Replace XXXX with the server’s public IP.

scp root@XXXX:/root/e2e.ovpn /home/user/Desktop/

Once done, substitute the path of the downloaded file in the following command. You can connect if your PC has openvpn installed:

sudo openvpn --config /home/user/Desktop/e2e.ovpn

When the last line of output reads “Initialization Sequence Completed”, you are connected to the VPN. You can test by pinging the private IP of your VPC nodes, or connecting to them via SSH.

The connection will be terminated when you close the terminal. To disconnect VPN, simply press Ctrl+C in the terminal.

The links below give instructions on how to connect from other PC platforms.

Windows: https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-windows/
MacOS: https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-macos/

Adding additional user/vpn accounts

To create additional user/vpn accounts, run the same installation script again.

Select 1 to add additional users, 2 to remove users, or 3 to uninstall OpenVPN.

For example, option 1 creates a new user.