[HowTo] Install Configure OpenVPN On Ubuntu

“OpenVPN is a free and open source software application that implements virtual private network (VPN) solutions for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators (NATs) and firewalls. It was written by James Yonan and is published under the GNU General Public License (GPL).” (Cite from Linux Security).

So with OpenVPN you can create a secure private network using internet connection. OpenVPN uses the OpenSSL library to provide encryption of both the data and control channels and transmitted data. OpenVPN work in multi platform. So once the server is setup and configured (i suggest use Linux), the client can connect from any platform (Windows, Mac OS, And Linux).

To install OpenVPN on Ubuntu:

sudo apt-get install openvpn libssl-dev openssl

OpenVPN Configuration:

  1. Copy the easy-rsa to openvpn folder:
    cd /etc/openvpn/
    cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
    chown -R $USER /etc/openvpn/easy-rsa/
  2. Create the server certificates:
    cd /etc/openvpn/easy-rsa/
    source vars
    ./pkitool --initca
    ./pkitool --server server
    cd keys
    openvpn --genkey --secret ta.key
    cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/
  3. Create the client certificates:
    cd /etc/openvpn/easy-rsa/
    source vars
    ./pkitool hostname
    cd ..

    Change hostname to your client hostname

  4. Compress the client certificate:
    tar czf keys.tgz ca.crt ta.key easy-rsa/keys/hostname.crt easy-rsa/keys/hostname.key
  5. Download the keys.tgz and extract it under your openvpn client.
  6. Configure /etc/openvpn/server.conf
    cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
    gzip -d /etc/openvpn/server.conf.gz

    edit server.conf

    dev tun
    ifconfig-pool-persist ipp.txt
    ca ca.crt
    cert server.crt
    key server.key
    dh dh1024.pem
    push "route"
    push "redirect-gateway"
    keepalive 10 60
    user nobody
    group nobody
  7. Start openvpn server
    echo 1 > /proc/sys/net/ipv4/ip_forward #enable ip forwarding
    iptables -t nat -A POSTROUTING -s -o venet0 -j MASQUERADE
    iptables-save > /etc/iptables.conf
    echo "#!/bin/sh" > /etc/network/if-up.d/iptables
    echo "iptables-restore < /etc/iptables.conf" >> /etc/network/if-up.d/iptables
    chmod +x /etc/network/if-up.d/iptables
    echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf


    /etc/init.d/openvpn start

The OpenVPN server configuring finish, the next step is configure the client. In this example i’m using Windows Vista with OpenVPN client installed.

OpenVPN Client Configuration:

  1. Download the keys.tgz with FTP client
  2. Extract it in C:Program FilesOpenVPNconfig
  3. Run openvpn-gui, and press connect.
  4. You are connected to the OpenVPN, and you can share with the other client just like using a Lan Network over the internet.

Even there are lot of ways and configure options to make your OpenVPN work as you need, this is just a basic example that i do to create my own OpenVPN so i can test my programs. Wish this article is useful for you.

Thanks to:
Configure OpenVPN Ubuntu


  1. Thahir says:

    will you please tell me how to "Download the keys.tgz with FTP client"

  2. Dienzzuhri says:

    mas, nanya dong setting buat klient nya pake os winxp. yg di atas cuma sampe seting server aja. trims.

  3. Clipiticlopos says:

    What is venet0 (point 7) in this line:

    iptables -t nat -A POSTROUTING -s -o venet0 -j MASQUERADE

  4. JavierSanchez says:

    Hmmm this article is for linux… then why are you telling us to open the openvpn-gui.exe in program files/iopenvpn? Thats just what I wanted to know how to do it in linux, I don't know where am I supposed to put my openvpn credentials

Give me your feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.