How To Setup OpenVPN Server In 5 Minutes on Ubuntu Linux


#1

Originally published at: https://www.cyberciti.biz/faq/howto-setup-openvpn-server-on-ubuntu-linux-14-04-or-16-04-lts/

I am a new Ubuntu Linux server user. How do I setup an OpenVPN Server on Ubuntu Linux version 14.04 or 16.04/18.04 LTS server to shield my browsing activity from bad guys on public Wi-Fi, and more?


#2

The simplest way is to use GUI app https://github.com/delfer/ssheller
Open source, available for Windows, macOS и Linux.
Do not require any additional app. Will configure server and download .ovpn file for you.
And tested heavily with DO.


#3

Hi, I have tried many times vpn client connects to server successfully but internet through VPN doesn’t work
Please help
Can able to ping GW: 10.8.0.1
also default route is set to 10.8.0.1

Thanks


#4

Can you ping public IP address such as 8.8.8.8?

ping 8.8.8.8
ping 1.1.1.1

#5

no thats the problem :smiley: after connecting vpn able to ping gateway 10.8.0.1 but unable to access internet 8.8.8.8 or browse

I think NAT is not working properly on Ubuntu OpenVPN server
Using Windows Openvpn client


#6

You can verify NAT rules with:

iptables -t nat -L -n -v
## the following must be 1 ##
sysctl net.ipv4.ip_forward

Usually, script adds rule to /etc/rc.local that does the magic:

cat /etc/rc.local 
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 139.xxx.yyy.zzz

139.xxx.yyy.zzz is my VPN server IP address.


#7

root@virtual-machine:/home/ali# iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 7541 packets, 843K bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 44 packets, 2411 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 104 packets, 7268 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 104 packets, 7268 bytes)
pkts bytes target prot opt in out source destination
445 26574 SNAT all – * * 10.8.0.0/24 !10.8.0.0/24 to:x.x.x.x (Public IP of Server)
0 0 MASQUERADE all – * ens160 10.8.0.0/24 0.0.0.0/0
root@virtual-machine:/home/ali# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
root@virtual-machine:/home/ali# cat /etc/rc.local
#!/bin/sh -e
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -I INPUT -p tcp --dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 210.56.27.74

As you see everything looks fine?


#9

Yes, it looks correct. My guess is DNS server at your hosting causing such issue. Can you remove OpenVPN and reinstall it again and choose 1.1.1.1 or Google DNS when asked?

sudo ./openvpn-install.sh

First remove OpenVPN. Again run script and make sure you choose 1.1.1.1 or Google DNS:

sudo ./openvpn-install.sh

For example:


Do show your screenshot when you run above screen.


#10

Hey guys,
I have installed OpenVPN with this script and on mac and windows it’s working like a charm. I have problem with ubuntu. When i start it from terminal with fresh config, my terminal is frozen with last message “Initialization Sequence Completed”. When i open new terminal and check ip address, I’m connected to VPN, and it’s working, but i need to keep previous terminal opened. Did somebody have had this issue?


#11

Did you installed it as service and starting using the systemctl command?


#12

yes, via apt-get…
ubuntuserver@ubuntu:~$ systemctl status openvpn
● openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor preset:
Active: active


#13

change ip for that


sàn gỗ