In this tutorial, we will show you how to install OpenVPN on your Debian 9 Stretch. For those of you who didn’t know, OpenVPN is an open-source application that is widely used to create secure virtual private networks over the unsecured public Internet. OpenVPN is an SSL VPN solution that drains your system connection securely through the Internet. OpenVPN functions in the client-server structure. All the devices connected to a virtual private network act as if they’re linked to your local area network. The packets sent through the VPN tunnel are encrypted with 256 bit AES encryption making data theft impossible.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of OpenVPN on a Debian 9 (Stretch) server.
Install OpenVPN on Debian 9 Stretch
Step 1. Before we install any software, it’s important to make sure your system is up to date by running the following apt-get commands in the terminal:
apt-get update apt-get upgrade
Step 2. Installing OpenVPN on Debian 9.
Note: We will use the IP address in this tutorial. For example, your public IP is: 216.58.197.67
First, download the OpenVPN road warrior installer for Debian:
wget https://git.io/vpn -O openvpn-install.sh
Once downloaded, run OpenVPN-install.sh script to install and configure the OpenVPN server:
bash openvpn-install.sh
You will be asked to enter your IP address, port, etc. Please make sure you change the IP address with your Public IP address:
Welcome to this quick OpenVPN "road warrior" installer I need to ask you a few questions before starting the setup You can leave the default options and just press enter if you are ok with them First I need to know the IPv4 address of the network interface you want OpenVPN listening to. IP address: 216.58.197.67 Which protocol do you want for OpenVPN connections? 1) UDP (recommended) 2) TCP Protocol [1-2]: 1 What port do you want OpenVPN listening to? Port: 1194 Which DNS do you want to use with the VPN? 1) Current system resolvers 2) Google 3) OpenDNS 4) NTT 5) Hurricane Electric 6) Verisign DNS [1-6]: 2 Finally, tell me your name for the client certificate Please, use one word only, no special characters Client name: idroot-openvpn Okay, that was all I needed. We are ready to setup your OpenVPN server now Press any key to continue...
At this point, our OpenVPN Server is ready. You can now check the firewall rule:
cat /etc/rc.local
Sample outputs:
#!/bin/sh -e iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -I INPUT -p udp --dport 1194 -j ACCEPT iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 139.59.105.37 exit 0
Now, enable and start the OpenVPN service:
## start service ## systemctl start openvpn@server ## stop service ## systemctl stop openvpn@server ## check status ## systemctl status openvpn@server
Now we can download the ovpn configuration file. This file will be used to connect to the server. We can use the SCP command to do this:
scp root@216.58.197.67:~/idroot-openvpn.ovpn /home/godet/Desktop
Congratulations! You have successfully installed OpenVPN. Thanks for using this tutorial for installing OpenVPN on Debian 9 Stretch server. For additional help or useful information, we recommend you check the official OpenVPN website.
