Setting up a secure OpenVPN connection on a VPS

2 days ago
nikolay
2 minutes

How to set up an OpenVPN recipe on a VPS

1. Why it’s needed

OpenVPN is a classic solution for creating a secure VPN connection.

Used for:

  • secure access to the server
  • connection to internal resources
  • traffic protection

2. Requirements

Before starting:

  • VPS (Ubuntu / Debian)
  • SSH access
  • open port (usually 1194)

3. Installation

Connect to the server and install OpenVPN:

apt update
apt install openvpn easy-rsa -y

Create a directory for keys:

make-cadir ~/openvpn-ca
cd ~/openvpn-ca

4. Key generation

Initialize PKI:

./easyrsa init-pki
./easyrsa build-ca

Create server certificate:

./easyrsa gen-req server nopass
./easyrsa sign-req server server

Generate client keys:

./easyrsa gen-req client nopass
./easyrsa sign-req client client

5. Server configuration

Copy config:

cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn/

Edit /etc/openvpn/server.conf:

  • specify certificates
  • set port (1194)
  • choose protocol (udp)

Start:

systemctl start openvpn@server
systemctl enable openvpn@server

6. Client connection

To connect you need:

  • .ovpn file
  • certificates and keys

Client apps:

  • OpenVPN Client (Windows / macOS)
  • OpenVPN Connect (iOS / Android)

7. Verification

  • client connects without errors
  • IP changes
  • traffic goes through the server

8. Common issues

  • port 1194 is closed
  • certificate errors
  • OpenVPN is not running

Check:

systemctl status openvpn@server

9. OpenVPN vs WireGuard

OpenVPN:

  • more universal
  • stable
  • more configuration options

WireGuard:

  • faster
  • simpler configuration
  • less overhead

10. Conclusion

OpenVPN is a good choice if you need flexibility and compatibility.
For simple tasks, WireGuard is often more convenient.

Leave a Reply 0

Your email address will not be published. Required fields are marked *