OpenVPN , is an open source software application used to facilitate the creation of secure point-to-point or site-to-site connections in routed or bridged configurations.
As one of the most popular VPN protocols, OpenVPN offers a high level of security using state-of-the-art cryptographic algorithms and is widely adopted for both personal and business applications.
In this guide, we’ll look at how to set up your own VPN on a virtual private server or dedicated server.
Why should I run my own VPN?
Running your own VPN provides not only enhanced control over your digital security, but also a personalized experience tailored to your needs.
With your own VPN server, you’re in the driver’s seat. No more generic configurations or one-size-fits-all solutions.
Plus, by running your own VPN, you have full control over the server, software, and data handling. This means you don’t need to trust your data to a third-party provider.
Which server should I buy?
Choosing the right specification for your OpenVPN setup largely depends on the expected number of concurrent users, data throughput, and specific use case (e.g. browsing, streaming, downloading).
Additionally, it is important to consider the location of your VPS for optimal performance and access.
Since bandwidth is a crucial consideration for VPNs, we should opt for a VPS or dedicated server with unlimited bandwidth.
Here are some recommended specifications, depending on how you plan to use the VPN:
Personal use:
- CPU: A single core is usually sufficient.
- RAM: 512 MB – 1 GB should be enough.
- Storage: A basic SSD with 25GB or more is more than enough for software and records.
Use in small groups or families :
- CPU: 1-2 cores.
- RAM: 1GB – 2GB.
- Storage: A basic SSD with 30 GB or more.
Larger companies or groups
- CPU: 2-4 cores (or more, depending on cluster size).
- RAM: 2GB – 4GB or more.
- Storage: A larger SSD, say 50GB or more, especially if logs are retained for longer periods of time.
Download and run the OpenVPN installation script
Once you have purchased your server, it is time to install the OpenVPN script.
Access your server via SSH and using wget (or curl) you can get the script and then run it:
wget https://git.io/vpn -O openvpn-install.sh sudo bash openvpn-install.shConfiguration messages
The script will then guide you through the setup:
- It will first ask for the server’s public IP, although in most cases the default value it offers is correct, so you can press Enter.
- It will then ask you to select the protocol (UDP is recommended).
- Next, you will choose a port (the default is 1194).
- You can then select a DNS provider.
- Finally, you will be asked for a client name. Choose something you will remember, as this is how your connection will be identified.
Generating the .ovpn file
The cool thing about this script is that once you have completed all the prompts, it will automatically generate a .ovpn file.
By default, the file will have a name something like clientname.ovpn and will be located in the home directory of the user under which the script was run.
Installing the OpenVPN client on your local device
You will need to download the OpenVPN client on the device you want to use the VPN on and then follow the steps below to import the configuration file to the client.
You can download the client for your operating system here: https://openvpn.net/client/
Importing the file:
- Click the ‘+’ icon in the bottom right corner of the client window.
- Select ‘File’, click Browse, and then select the .opvn file from the directory where you saved it.
- Enter a profile name and then select ‘Connect’.
Transfer the .ovpn file to any device you want to connect to your VPN. Import this file into your OpenVPN client and you’re good to go!
Transferring the .ovpn file from your server to your client device can be done in different ways, depending on the type of client device and their preferences.
Here is a brief guide:
Secure Copy Protocol (SCP) – for Linux/Mac:
On your local machine, use the terminal and the scp command:
scp username@your_server_ip:/path/to/clientname.ovpn /local/path/where/you/want/to/save/SFTP clients – for Windows:
Applications like WinSCP or FileZilla allow you to securely transfer files via SFTP.
Connect to your server using your credentials, navigate to the directory where the .ovpn file is located, then drag and drop it to your local machine.
Add more clients or revoke access
If you want to add more clients or revoke access, simply run the openvpn-install.sh script again.
It will give you options to add another client, revoke access, or uninstall OpenVPN.
Conclusions
Always remember that the key to a successful VPN is not only in its setup but also in its maintenance. Keep your server and software up to date!