How To Install OpenVPN on Debian 9 Stretch

Install OpenVPN on Debian 9 Stretch

In this tutorial, we will show you how to install OpenVPN on your Debian 9. For those of you who didn’t know, For those of you who didn’t know, OpenVPN is an open-source application that is widely used to create secure virtual private networks over the unsecured public Internet. OpenVPN is an SSL VPN solution that drains your system connection securely through the Internet. OpenVPN functions in the client-server structure. All the devices connected to a virtual private network act as if they’re linked to your local area network. The packets sent through the VPN tunnel are encrypted with 256 bit AES encryption making data theft impossible.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation of OpenVPN on a Debian 9 (Stretch) server.

Install OpenVPN on Debian 9 Stretch

Step 1. Before we install any software, it’s important to make sure your system is up to date by running these following apt-get commands in the terminal:

apt-get update
apt-get upgrade

Step 2. Installing OpenVPN on Debian 9.

Note: We will use the IP address in this tutorial. For example, your public IP is : 216.58.197.67

First, download OpenVPN road warrior installer for Debian:

wget https://git.io/vpn -O openvpn-install.sh

Once downloaded, run OpenVPN-install.sh script to install and configure the OpenVPN server:

bash openvpn-install.sh

You will be asked to enter your IP address, port, etc. Please make sure you change the IP address with your Public IP address:

Welcome to this quick OpenVPN "road warrior" installer

I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them

First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 216.58.197.67

Which protocol do you want for OpenVPN connections?
 1) UDP (recommended)
 2) TCP
Protocol [1-2]: 1

What port do you want OpenVPN listening to?
Port: 1194

Which DNS do you want to use with the VPN?
 1) Current system resolvers
 2) Google
 3) OpenDNS
 4) NTT
 5) Hurricane Electric
 6) Verisign
DNS [1-6]: 2

Finally, tell me your name for the client certificate
Please, use one word only, no special characters
Client name: idroot-openvpn

Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue...

At this point, our OpenVPN Server is ready. You can now check the firewall rule:

cat /etc/rc.local

Sample outputs:

#!/bin/sh -e
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -I INPUT -p udp --dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 139.59.105.37
exit 0

Now, enable and start the OpenVPN service:

## start service ##
systemctl start openvpn@server

## stop service ##
systemctl stop openvpn@server

## check status ##
systemctl status openvpn@server

Now we can download the ovpn configuration file. This file will be used to connect to the server. We can use scp command to do this:

scp root@216.58.197.67:~/idroot-openvpn.ovpn /home/godet/Desktop

Congratulations! You have successfully installed OpenVPN. Thanks for using this tutorial for installing OpenVPN on Debian 9 Stretch server. For additional help or useful information, we recommend you to check the official OpenVPN website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!