Debian 10 Set Up OpenVPN Server In 5 Minutes

Originally published at: https://www.cyberciti.biz/faq/debian-10-set-up-openvpn-server-in-5-minutes/

I am a new Debian Linux 10 server user. How do I set up an OpenVPN Server on Debian Linux version 10 server to shield my browsing activity from bad guys on public Wi-Fi, and more?

The easiest way is to use the pivpn script from https://github.com/pivpn/pivpn
It is as simple as running:

curl -L https://install.pivpn.io | bash

I have tested it on Debian 10 and works great !!!

I’d like to add that this also works like charm on a Raspbian 10 / Buster.

Thank you very much for this great work – but couldn’t I have googled this after having spent a couple of hours of trying to set my raspi based OVPN server manually? :wink:

Hi,
First of all, I would like to thank you for the great tutorial Debian 10 Set Up OpenVPN Server In 5 Minutes

Installing OpenVPN server on fresh VPS - Debian 10 works like a charm & have created Clients too. All went well!

Since I am a newbie in Linux, wanted to be sure if the installation is good & secured.

I tried " A note about troubleshooting OpenVPN server and client issues" & the following are the results, please guide if all good to use this server

Question 1
Check OpenVPN server for errors:
journalctl --identifier ovpn-server
Output:

Jul 23 20:31:13 server ovpn-server[2694]: IFCONFIG POOL LIST
Jul 23 20:31:13 server ovpn-server[2694]: Initialization Sequence Completed
Jul 23 20:33:31 server ovpn-server[2694]: event_wait : Interrupted system call (code=4)
Jul 23 20:33:31 server ovpn-server[2694]: Closing TUN/TAP interface
Jul 23 20:33:31 server ovpn-server[2694]: /sbin/ip addr del dev tun0 10.8.0.1/24
Jul 23 20:33:31 server ovpn-server[2694]: Linux ip addr del failed: external program exited with
Jul 23 20:33:31 server ovpn-server[2694]: SIGTERM[hard,] received, process exiting
Jul 23 20:33:43 server ovpn-server[2879]: OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
Jul 23 20:33:43 server ovpn-server[2879]: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
Jul 23 20:33:43 server ovpn-server[2879]: ECDH curve prime256v1 added
Jul 23 20:33:43 server ovpn-server[2879]: Outgoing Control Channel Encryption: Cipher 'AES-256-CT
Jul 23 20:33:43 server ovpn-server[2879]: Outgoing Control Channel Encryption: Using 256 bit mess
Jul 23 20:33:43 server ovpn-server[2879]: Incoming Control Channel Encryption: Cipher 'AES-256-CT

Question2: Is firewall rule setup correctly on your server? Use the iptables command and sysctl command commands to verify NAT rule setup on your server:

root@server:~# iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all – * eth0 10.8.0.0/24 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
root@server:~#

I can not see my VPS Static IP
is this means that I am not behind NAT and using VPS in one of the Data Center?

Please advise if everything is okay with the installation

Is this any Web GUI for OpenVPN?

Thanks & regards,

Tummy

Hi @Tummy ,

It is not clear from your post, but are you getting any problems while using OpenVPN? Are you able to connect from a client system to your OpenVPN? Are you using AWS? AWS uses NATed IP and we can view public IP by typing the following command:

curl http://checkip.amazonaws.com

Hi,

Thanks for your reply

I am not getting any problems using OpenVPN. It is working fine.

Further, I am not using AWS, my setup is VPS with Static IP having Debian OS

Reasons to post

I was trying to be sure if my setup is fine, so I tried running commands given in the Troubleshooting.
While running these troubleshoot commands, I posted my results to get expert advice if the installation is good to use

Regards

Run ifconfig or ip to see your static IP:

ifconfig -a
ip -br addr show

Can you see it now? To see firewall rules as root user:

iptables-save
ip6tables-save

Linux sysadmin blog - Linux/Unix Howtos and Tutorials - Linux bash shell scripting wiki