How to Create a VPN Server on Ubuntu 12.04

Create VPN
How to Create a VPN Server on Ubuntu 12.04

Commands:

apt-get update

apt-get install openvpn openssl

cd /etc/openvpn

cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 ./easy-rsa

apt-get install nano

nano easy-rsa/vars

change

export EASY_RSA=”`pwd`”

to

export EASY_RSA=”/etc/openvpn/easy-rsa”

. ./easy-rsa/vars

./easy-rsa/clean-all

cd easy-rsa

ln -s openssl-1.0.0.cnf openssl.cnf

cd ..

./easy-rsa/build-ca OpenVPN

./easy-rsa/build-key-server server

./easy-rsa/build-key client1

./easy-rsa/build-dh

nano openvpn.conf

begin openvpn.conf contents – copy below this line

dev tun

proto udp

port 1194

ca /etc/openvpn/easy-rsa/keys/ca.crt

cert /etc/openvpn/easy-rsa/keys/server.crt

key /etc/openvpn/easy-rsa/keys/server.key

dh /etc/openvpn/easy-rsa/keys/dh1024.pem

user nobody

group nogroup

server 10.8.0.0 255.255.255.0

persist-key

persist-tun

status /var/log/openvpn-status.log

verb 3

client-to-client

push “redirect-gateway def1”

#set the dns servers

push “dhcp-option DNS 8.8.8.8”

push “dhcp-option DNS 8.8.4.4”

log-append /var/log/openvpn

comp-lzo

end openvpn.conf contents – copy above this line

echo 1 > /proc/sys/net/ipv4/ip_forward

do “ifconfig” to get adapter name and ipaddress (venet0 was mine since my vps host is using openvz)

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to YOUR.VPS.IP

cd ..

nano sysctl.conf

un-comment (remove the #) from the line containing #net.ipv4.ip_forward=1

cd ..

/etc/init.d/openvpn start

begin newvpn.ovpn contents – copy below this line

dev tun

client

proto udp

remote YOUR.VPS.IP 1194

resolv-retry infinite

nobind

persist-key

persist-tun

ca ca.crt

cert client1.crt

key client1.key

comp-lzo

verb 3

end newvpn.ovpn contents – copy above this line

The software I download the files with is called WinSCP. It allows you to transfer files via SSH. This is useful if you do not have an ftp or http server running.

Comments prior to 12/23/2012 for this post can be found here.


40 Responses to How to Create a VPN Server on Ubuntu 12.04

  1. How can i edit easy-rsa/vars file when its supposed to be empty,.. in video it shows your is not blank

    • It’s not supposed to be empty, and if it is make sure you’ve issued the command correctly. The vars file resides in /etc/openvpn/easy-rsa/ so cd to that directory and then issue nano vars and see if that does it.

  2. thanks so helpful

  3. Avatar Bob Macpherson
    Bob Macpherson says:

    Folks,

    begin openvpn.conf contents – copy below this line

    Being technically challenged, I wonder if you could explain what I actually do at this point. If it means that I need to edit a file, for example,does each item need to be on a separate line?

    Any assistance will be gratefully accepted.

    Regrds,

    Bob