In this tutorial, we will show you how to install the OpenVPN server on AlmaLinux 8. For those of you who didn’t know, OpenVPN is a robust and highly flexible open-source VPN software that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. A VPN enables us to connect securely to an insecure public network such as a wifi network at the airport or hotel. Typically business and enterprise users need some sort of VPN before they can access services hosted at your office.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo
‘ to the commands to get root privileges. I will show you through the step-by-step installation of the OpenVPN on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.
Prerequisites
- A server running one of the following operating systems: AlmaLinux 8.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo user
or access to theroot user
. We recommend acting as anon-root sudo user
, however, as you can harm your system if you’re not careful when acting as the root.
Install OpenVPN Server on AlmaLinux 8
Step 1. First, let’s start by ensuring your system is up-to-date.
sudo dnf update sudo dnf install epel-release
Step 2. Installing OpenVPN server on AlmaLinux 8.
Install OpenVPN server is straightforward, now run the following command below to download installer OpenVPN from the GitHub page:
curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
Once the file is downloaded, make it executable and run it:
chmod +x openvpn-install.sh ./openvpn-install.sh
The script will start the installation process with a series of questions followed by a prompt and your response:
After that, add a new client you will see the following output screen where you will have to define the Client Name:
Okay, that was all I needed. We are ready to setup your OpenVPN server now. You will be able to generate a client at the end of the installation. Press any key to continue... Tell me a name for the client. The name must consist of alphanumeric character. It may also include an underscore or a dash. Client name: meilanamaria
Next, you will be asked if you want to protect the configuration file with a password:
Do you want to protect the configuration file with a password? (e.g. encrypt the private key with a password) 1) Add a passwordless client 2) Use a password for the client Select an option [1-2]: 1
Finally, you will be informed that the process has been successful:
Client meilanamaria added. The configuration file has been written to /home/user/idroot.ovpn. Download the .ovpn file and import it in your OpenVPN client.
Step 3. Connecting Client to the OpenVPN server
Once successfully the installation, download the .ovpn client file. If you’re using the shell version of OpenVPN client(no GUI), in order to connect, just in the terminal run the OpenVPN with the filename and location of your .ovpn client config fike:
openvpn meilanamaria.ovpn
Step 4. Configuration Firewall.
AlmaLinux comes with an active firewall straight out of the box and it will be in running state from the first boot, so in order to be able to establish the connection with the OpenVPN server, you need to add firewall rules to allow OpenVPN connection on the server:
sudo firewall-cmd --zone=trusted --add-service=openvpn sudo firewall-cmd --zone=trusted --permanent --add-service=openvpn sudo firewall-cmd --add-masquerade sudo firewall-cmd --permanent --add-masquerade sudo firewall-cmd --zone=trusted --permanent --add-port=1194/udp sudo firewall-cmd --reload
Congratulations! You have successfully installed OpenVPN. Thanks for using this tutorial for installing the OpenVPN server on your AlmaLinux 8 system. For additional help or useful information, we recommend you check the official OpenVPN website.