Linux tutorials

How to Setup OpenVPN on Ubuntu 22.04

OpenVPN server is a popular open-source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. In this tutorial, we will show you how to set up an OpenVPN server on Ubuntu 22.04.


Before proceeding with this tutorial, you will need:

  • An Ubuntu 22.04 server with a non-root user with sudo privileges
  • A domain name pointed to your server’s IP address
  • OpenVPN installed on your server

Installing Open VPN

To install OpenVPN server on Ubuntu 22.04, follow these steps:

  1. Update the package index:
sudo apt update
  1. Install the OpenVPN package:
sudo apt install openvpn

Generating SSL Certificate and Key

In this section, we will generate an SSL certificate and key for our OpenVPN.

  1. Create a directory for the OpenVPN configuration files:
mkdir -p /etc/openvpn/server 
  1. Navigate to the server directory:
cd /etc/openvpn/server
  1. Generate the certificate and key using Easy-RSA:
sudo apt install easy-rsa
sudo cp -r /usr/share/easy-rsa/ /etc/openvpn/
cd /etc/openvpn/easy-rsa/
sudo nano vars

Update the following lines with your information:

export KEY_CITY="San Francisco"
export KEY_ORG="OpenVPN"
export KEY_EMAIL=""

Save and close the file.

sudo ./easyrsa init-pki
sudo ./easyrsa build-ca nopass
sudo ./easyrsa build-server-full server nopass

Configuring Open VPN Server

In this section, we will configure our OpenVPN.

  1. Create the OpenVPN server configuration file:
sudo nano /etc/openvpn/server.conf 

Add the following configuration:

port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh.pem
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS"
push "dhcp-option DNS"
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/pki

Leave a Reply

Your email address will not be published. Required fields are marked *