Need to establish a Virtual Private Network (VPN) on your Ubuntu 20.04 device? OpenVPN is a perfect choice! With this guide, you'll be able to construct a secure VPN connection on Ubuntu 20.04 in minutes - it's that easy!
Our detailed guide will have you securely browsing the web or enjoying geo-restricted content in a jiffy! So let's get started...
IP Forwarding
Before you start the installation process, make sure to enable IP forwarding so that all network packets can be forwarded without any issues. To do this, take these steps:
Edit the config file:
nano /etc/sysctl.conf
Make sure to add this line at the end of your config:
net.ipv4.ip_forward=1
Save the file and close it once finished. Then enter the following command to make your changes take effect for the current session:
sysctl -p
Installing OpenVPN
Once IP forwarding is enabled, you can install the OpenVPN package. Enter the following command in Terminal:
sudo apt update sudo apt-get install openvpn -y
This will ensure that your system has all the necessary components to establish a VPN connection successfully.
Creating Certificates and Keys
You can create your own certificate and private key using the EasyRSA toolkit, this will help ensure security. Type the command below into to begin:
apt-get install easy-rsa -y
Following that, you must copy the EasyRSA directory to /etc/openvpn/. Use the command:
cp -r /usr/share/easy-rsa /etc/openvpn/
Now we need to move to a different directory:
cd /etc/openvpn/easy-rsa
Subsequently, open the vars file and tailor it to your geographic location:
nano vars
And set the values for KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG, and KEY_EMAIL to the appropriate values for your organization.
Initialize the PKI (Public Key Infrastructure):
./easyrsa init-pki
Build the certificate authority (CA):
./easyrsa build-ca
Generate a certificate and private key for the OpenVPN server:
./easyrsa build-server-full server
This will create an OpenVPN server certificate and private key and store them in the /etc/openvpn/easy-rsa/3/keys directory.
Create a strong Diffie-Hellman key
Make a robust Diffie-Hellman key to be used for key exchange. The following command will enable you to accomplish it:
ls keys/ openvpn --genkey --secret ta.key
Copy the ta.key to /etc/openvpn directory:
cp ta.key /etc/openvpn
Start The VPN
Next, we need to start up the VPN. For this, you need to run "start" and "enable"
"start" = run OpenVPN.
"boot" = enable the OpenVPN server to run automatically at boot time.
systemctl start openvpn@server systemctl enable openvpn@server
You have successfully installed OpenVPN on Ubuntu 18.04.
Note: if you face any issues while following this guide, please consult the official OpenVPN website: https://openvpn.net
Install VPN onto Windows
If you want to install the certificate and private key onto windows, you'll need to copy them over and then import them into the certificate store.
To do this, follow these steps:
- Open the windows Certificate Manager by clicking on the Start button and typing "certmgr.msc". Then press Enter.
- Select "Trusted Root Certification Authorities" within Certificate Manager, then select "Certificates" from the list of subfolders.
- Right-click on "Certificates" and select "All Tasks > Import".
- Click "Next" in the Import Wizard, and browse for the certificate file you copied from Ubuntu.
- Click "Next" and then "Finish" to complete the import.
- The private key file should now be imported into the "Private Keys" folder by repeating the previous procedures.
Once the certificate and private key have been imported, you should be able to establish a connection from the Windows PC to the OpenVPN server.
That's all there is to it! You have successfully created a secure VPN connection on Ubuntu 18.04 using OpenVPN - you're ready to explore the world, safely and securely. Enjoy!
