Installing OpenVPN (server) on ubuntu 10.04

This is a quick note on how to install OpenVPN as a Ethernet tunnel (not a bridge) on ubuntu 10.04

install

sudo apt-get install openvpn

Server Certificates

First, copy the easy-rsa directory to /etc/openvpn.

sudo mkdir /etc/openvpn/easy-rsa/
sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/

You may also wish to adjust permissions in the easy-rsa directory to allow the current user permission to create files.

sudo chown -R $USER /etc/openvpn/easy-rsa/

Next, edit /etc/openvpn/easy-rsa/vars but make sure you adjust at least the following values to values make sense to you:

export KEY_COUNTRY="SE"
export KEY_PROVINCE="Blekinge"
export KEY_CITY="Karlskrona"
export KEY_ORG="My organization"
export KEY_EMAIL="vpnhelp@example.com"

Enter the following to create the server certificates:

cd /etc/openvpn/easy-rsa/
source vars
./clean-all
./build-dh
./pkitool --initca
./pkitool --server server
cd keys
openvpn --genkey --secret ta.key
sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/

Server Configuration
Lets start by copying the example config.

sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
sudo gunzip /etc/openvpn/server.conf.gz

Edit /etc/openvpn/server.conf changing (at least) the following options (change to values that make sense to you):

#Change the VPN subnet address to one that makes sense to you (and don't collide with any other net)
server 10.9.0.0 255.255.255.0
#If you wish the computers on the VPN to be able to connect to each other then uncomment
client-to-client
# You can uncomment this out on
# non-Windows systems.
user nobody
group nogroup
#If this is uncommented then a separate log will be written for OpenVPN (If both log lines are uncommented, then syslog is used)
log-append  openvpn.log
#To enable per client configurations uncomment:
client-config-dir client-configs

Restart the VPN:

/etc/init.d/openvpn restart

If the server failed to start:

/etc/init.d/openvpn restart
 * Stopping virtual private network daemon(s)...                                                                                                 
 *   No VPN is running.
 * Starting virtual private network daemon(s)...                                                                                                 
 *   Autostarting VPN 'server'                                                     [fail]

Then you should check out the log (either syslog or the log you set in the config file) and solve the issues.
It should look like this:

/etc/init.d/openvpn restart
 * Stopping virtual private network daemon(s)...                                                                                                 
 *   No VPN is running.
 * Starting virtual private network daemon(s)...                                                                                                 
 *   Autostarting VPN 'server'                                                     [ OK ]

3 thoughts on “Installing OpenVPN (server) on ubuntu 10.04

  1. I am having issues with this bigtime, i have been working on this for days yet, I am not getting anywhere. I am at the point where i went through all steps over and over, can you please help guide me through this process. I am in Canada and yes, restrictions are a pain in the ass. Thank you for any advice or guidance you might be willing to provide.

    I keep getting fail fail fail at the end of the process.

    Walter

  2. What does the log file say?
    Normally what I have done wrong is naming of files or misspelling some config param, and that the log (usually) tells me.

  3. Thank you!! I had so many problems with setting up openvpn, I could get it to work on centos but never ubuntu for some reason, this guide worked perfectly! I can confirm it working on micronetvps.com’s VPS’s (they have 6 locations so good for vpn), I also got it to work on a vps from ovh (france only i think).

    Thanks again and keep up the good work!

Comments are closed.