
How To Install Pritunl VPN Server on Ubuntu 24.04 LTS


Securing your network connections and protecting sensitive data has become crucial in today’s digital landscape. Virtual Private Networks (VPNs) offer a reliable solution for establishing secure connections across the internet. Pritunl VPN, an open-source enterprise VPN server, stands out for its simplicity and robust features. This comprehensive guide will walk you through the complete process of installing and configuring Pritunl VPN Server on Ubuntu 24.04 LTS, providing you with a secure and reliable VPN solution.

Understanding Pritunl VPN Server

Pritunl is a powerful, open-source VPN server that allows you to virtualize private networks across data centers quickly and efficiently. It features a user-friendly web interface that simplifies VPN management and configuration tasks. Unlike other complex VPN solutions, Pritunl offers enterprise-grade capabilities without the steep learning curve.

Key Features of Pritunl VPN

Pritunl comes packed with features that make it an excellent choice for both personal and enterprise use:

  • User-friendly web interface for easy management
  • Support for cross-platform clients including Windows, macOS, and Linux
  • Compatibility with OpenVPN clients for various devices
  • Ability to create a wide range of cloud VPN networks
  • Distributed server architecture for high availability
  • Simple user and organization management
  • Support for two-factor authentication

The server architecture is designed to be scalable and reliable, allowing for deployment across multiple servers and different data centers. This distributed approach enhances performance and provides automatic failover capabilities when an instance fails, ensuring continuous service availability.

Prerequisites for Installation

Before proceeding with the installation of Pritunl VPN Server on Ubuntu 24.04 LTS, ensure that you have the following in place:

  • A system running Ubuntu 24.04 LTS server with at least 1GB RAM and 10GB storage
  • Root or sudo access to the server
  • A stable internet connection
  • Basic knowledge of Linux commands
  • A properly configured domain name (optional but recommended)
  • Open ports for VPN traffic (primarily UDP 1194, TCP 443, and TCP 80)

Additionally, ensure that your server has a static IP address to maintain consistent accessibility. This is crucial for VPN clients to establish reliable connections to your server.

Preparing Your Ubuntu 24.04 LTS Server

Proper preparation of your server is essential for a smooth installation process. Let’s begin by updating your system and installing necessary dependencies.

Updating System Packages

First, update your package repositories and upgrade existing packages to ensure you have the latest versions:

sudo apt update
sudo apt upgrade -y

Installing Essential Dependencies

Install the required dependencies for Pritunl:

sudo apt install curl gnupg2 wget unzip -y

These packages are necessary for adding repositories, downloading files, and handling the installation process.

Configuring IP Forwarding

For the VPN server to properly route traffic, you need to enable IP forwarding on your Ubuntu system:

sudo nano /etc/sysctl.conf

Find the line that contains net.ipv4.ip_forward=1 and uncomment it by removing the # at the beginning. If the line doesn’t exist, add it to the file.

Save the file and apply the changes:

sudo sysctl -p

This configuration allows your server to forward network packets between interfaces, which is essential for VPN functionality.

Installing MongoDB

Pritunl relies on MongoDB for storing configuration data and managing user information. Let’s install and configure MongoDB for Ubuntu 24.04 LTS.

Adding MongoDB Repository

First, import the MongoDB public GPG key:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 20691EEC35216C63CAF66CE1656408E390CFB1F5

Next, add the MongoDB repository to your system:

echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list

Installing MongoDB Packages

Update the package list and install MongoDB:

sudo apt update
sudo apt install mongodb-org -y

Starting and Enabling MongoDB Service

Start the MongoDB service and enable it to launch automatically at system startup:

sudo systemctl start mongod
sudo systemctl enable mongod

Verify that MongoDB is running correctly:

sudo systemctl status mongod

The output should indicate that the service is active and running.

Installing Pritunl Server on Ubuntu 24.04

Now that we have MongoDB installed, let’s proceed with installing Pritunl VPN server.

Adding Pritunl GPG Keys

First, add the Pritunl GPG keys to ensure package authenticity:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv E162F504A20CDF15827F718D4B7C549A058F8B6B
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A

Setting Up Pritunl Repository

Add the Pritunl repository to your system. For Ubuntu 24.04, we’ll use the focal repository as it’s compatible:

echo "deb http://repo.pritunl.com/stable/apt focal main" | sudo tee /etc/apt/sources.list.d/pritunl.list
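Keys added with apt-key land in APT's global trust store, so they are trusted for every configured repository, not only this one. The following added example (not part of the original guide) scopes the keys to the Pritunl repository with signed-by; use it instead of the two steps above, not in addition to them. The function names and the keyring path are this example's own choices, while the fingerprints, URL and suite are the ones given above. The same pattern applies to the MongoDB key and repository.

```shell
#!/usr/bin/env bash
# Added example: per-repository keyring instead of the global apt-key store.

# Print the primary-key fingerprints found in `gpg --with-colons` output (stdin).
# Subkey fingerprints are skipped: only the fpr record following a pub record counts.
primary_fingerprints() {
    awk -F: '$1 == "pub" { want = 1 } $1 == "fpr" && want { print $10; want = 0 }'
}

# Build a sources.list entry that trusts only KEYRING for this repository.
scoped_source_line() {   # args: keyring url suite component
    printf 'deb [signed-by=%s] %s %s %s\n' "$1" "$2" "$3" "$4"
}

# Fetch the given fingerprints into a throwaway GnuPG home, confirm that exactly
# those primary keys came back, then export them to a dedicated keyring file.
install_scoped_key() {   # args: keyring fingerprint...
    local keyring=$1 home got want
    shift
    home=$(mktemp -d) || return 1
    gpg --homedir "$home" --keyserver hkps://keyserver.ubuntu.com --recv-keys "$@" \
        || { rm -rf "$home"; return 1; }
    got=$(gpg --homedir "$home" --with-colons --list-keys | primary_fingerprints | sort)
    want=$(printf '%s\n' "$@" | sort)
    if [ "$got" != "$want" ]; then
        echo "keyserver returned unexpected key material" >&2
        rm -rf "$home"
        return 1
    fi
    gpg --homedir "$home" --export "$@" | sudo tee "$keyring" > /dev/null
    rm -rf "$home"
}

# On the server (values taken from the steps above):
#   install_scoped_key /etc/apt/keyrings/pritunl.gpg \
#       E162F504A20CDF15827F718D4B7C549A058F8B6B \
#       7568D9BB55FF9E5287D586017AE645C0CF8E292A
#   scoped_source_line /etc/apt/keyrings/pritunl.gpg \
#       http://repo.pritunl.com/stable/apt focal main \
#       | sudo tee /etc/apt/sources.list.d/pritunl.list

# Show the entry that would be written (no network access, no changes made).
scoped_source_line /etc/apt/keyrings/pritunl.gpg http://repo.pritunl.com/stable/apt focal main
```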

Installing Pritunl Packages

Update your package list and install Pritunl:

sudo apt update
sudo apt install pritunl -y

Starting and Enabling Pritunl Service

Start the Pritunl service and enable it to launch at system startup:

sudo systemctl start pritunl
sudo systemctl enable pritunl

Verify that Pritunl is running properly:

sudo systemctl status pritunl

The output should indicate that the service is active and running.

Configuring Firewall for Pritunl

Proper firewall configuration is essential for VPN functionality. Let’s configure UFW (Uncomplicated Firewall) to allow the necessary ports for Pritunl.

sudo ufw allow 443/tcp   # HTTPS for web interface
sudo ufw allow 80/tcp    # HTTP for web interface
sudo ufw allow 1194/udp  # OpenVPN
sudo ufw allow OpenSSH   # SSH access

Enable the firewall if it’s not already enabled:

sudo ufw enable

These firewall rules allow traffic for the Pritunl web interface (ports 80 and 443), OpenVPN connections (port 1194), and SSH access to manage your server.
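To confirm that only the ports opened above are actually exposed, the following added example (not part of the original guide) filters `ss` output for listeners that are reachable from other hosts and are not on the allow-list. The sample `ss` output is constructed, and treating MongoDB's default port 27017 as something that should stay on loopback is this example's assumption.

```shell
#!/usr/bin/env bash
# Added example: flag listeners that the firewall rules above do not account for.

# Reads `ss -H -tuln` output on stdin and prints one line per socket that is
# bound to a non-loopback address and is not in the allow-list (port/proto pairs).
unexpected_listeners() {
    local allowed=${1:-"22/tcp 80/tcp 443/tcp 1194/udp"}
    awk -v allowed="$allowed" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "tcp" || $1 == "udp" {
            addr = $5; port = $5
            sub(/.*:/, "", port)        # keep what follows the last colon
            sub(/:[^:]*$/, "", addr)    # keep what precedes it
            if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
            key = port "/" $1
            if (!(key in ok)) print key " on " addr
        }'
}

# Constructed sample (not captured from a real host): MongoDB bound to all
# interfaces instead of 127.0.0.1.
sample_ss_output() {
    cat <<'EOF'
udp   UNCONN 0      0            0.0.0.0:1194       0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      4096         0.0.0.0:27017      0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      4096               *:443              *:*
tcp   LISTEN 0      4096               *:80               *:*
tcp   LISTEN 0      128             [::]:22            [::]:*
EOF
}

# Demo on the constructed sample.
sample_ss_output | unexpected_listeners
# On the server: ss -H -tuln | unexpected_listeners
```

An empty result means every externally bound socket matches a rule you opened on purpose; anything printed is either a missing firewall decision or a service that should be rebound to loopback.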

Accessing Pritunl Web Interface

After successfully installing Pritunl, you can access its web interface to complete the configuration.

Generating Setup Key

To access the web interface, you’ll need a setup key. Generate it by running:

sudo pritunl setup-key

Copy the generated key for use in the web interface.

Accessing the Web Interface

Open your web browser and navigate to:

https://your-server-ip

You’ll be presented with the Pritunl setup screen. Paste the setup key you generated earlier and click “Save”.


Initializing the Database

After entering the setup key, the system will prompt you to initialize the database. Once completed, you’ll need the default login credentials.

To get the default username and password, run:

sudo pritunl default-password

This command will display the default credentials to access the Pritunl dashboard.

Setting Up Organizations and Users

Organizations in Pritunl help you group users and manage access control effectively. Let’s create an organization and add users.

Creating a New Organization

  1. Log in to the Pritunl web interface
  2. Navigate to the “Organizations” tab
  3. Click “Add Organization”
  4. Enter a name for your organization (e.g., “MyCompany”)
  5. Click “Add”

Adding Users to the Organization

  1. Select the organization you just created
  2. Click “Add User”
  3. Enter a username and optionally an email address
  4. Set a password or leave it blank to generate a random one
  5. Click “Add”

The user will be added to the organization. You can add multiple users as needed, each with their own access credentials.

Configuring VPN Servers and Connections

After setting up organizations and users, you need to configure VPN servers and establish connections.

Creating a VPN Server

  1. Navigate to the “Servers” tab
  2. Click “Add Server”
  3. Enter a name for your server
  4. Configure the port and protocol (default is UDP 1194)
  5. Set the DNS servers (e.g., 1.1.1.1, 8.8.8.8)
  6. Click “Add”

Attaching Organizations to the Server

  1. Select the server you created
  2. Click “Attach Organization”
  3. Choose the organization you created earlier
  4. Click “Attach”

Starting the VPN Server

  1. Select the server
  2. Click “Start Server”

The server will initialize and be ready to accept connections. The status will change to “Online” once the server is running.

Advanced Configuration Options

Pritunl offers advanced configuration options for enhanced security and customization.

Setting Up Custom SSL Certificates

For improved security, you can replace the default SSL certificate:

  1. Navigate to the “Settings” tab
  2. Under “Server Configuration”, locate the SSL certificate section
  3. Paste your custom certificate and private key
  4. Click “Save”

Configuring Multi-Factor Authentication

Enhance security with two-factor authentication:

  1. Go to the “Settings” tab
  2. Enable “Two-Factor Authentication”
  3. Configure the authentication method (Google Authenticator, etc.)
  4. Save the changes

Split Tunneling Setup

Split tunneling allows you to route only specific traffic through the VPN:

  1. Edit the server configuration
  2. Under “Network Settings”, enable split tunneling
  3. Configure the networks that should go through the VPN
  4. Save the changes

This configuration helps optimize performance by routing only necessary traffic through the VPN.

Connecting Clients to Pritunl VPN

Now that your Pritunl VPN server is configured, you need to set up clients to connect to it.

Downloading User Profiles

  1. In the Pritunl web interface, go to the “Users” tab
  2. Find the user you want to connect
  3. Click on the user’s name
  4. Click “Download” to get the user profile

The profile will be downloaded as a .tar or .zip file containing the OpenVPN configuration.

Installing and Configuring Pritunl Client

For Windows

  1. Download and install the Pritunl client from the official website
  2. Extract the user profile you downloaded
  3. Open the Pritunl client
  4. Click “Import Profile” and select the .ovpn file
  5. Connect to the VPN using the user’s credentials

For macOS

  1. Download and install the Pritunl client for macOS
  2. Extract the user profile
  3. Import the profile into the client
  4. Connect to the VPN

For Linux

You can install the Pritunl client on Ubuntu using the following commands:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv E162F504A20CDF15827F718D4B7C549A058F8B6B
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A
echo "deb http://repo.pritunl.com/stable/apt focal main" | sudo tee /etc/apt/sources.list.d/pritunl.list
sudo apt update
sudo apt install pritunl-client-electron -y

Then, import the user profile and connect to the VPN.

Troubleshooting Common Issues with Pritunl on Ubuntu 24.04

Even with a careful setup, you might encounter some issues with Pritunl on Ubuntu 24.04. Let’s address some common problems and their solutions.

DNS Resolution Issues

If you’re having DNS resolution problems with Pritunl on Ubuntu 24.04:

  1. Create /32 routes to DNS servers like 1.1.1.1 and 8.8.8.8
  2. Configure these as the DNS servers for VPN clients
  3. Alternatively, remove the DNS Server value in Pritunl configuration

These adjustments help resolve issues where DNS queries are routed through the VPN tunnel but are denied from other networks.

Connection Stability Problems

If you experience connection drops or stability issues:

  1. Check the server load and resources
  2. Verify that all required ports are open in your firewall
  3. Check network connection stability
  4. Update Pritunl to the latest version
  5. Adjust server timeout settings for improved stability

OpenVPN Cipher Issues on Ubuntu 24.04

Ubuntu 24.04 may have specific issues with OpenVPN cipher negotiation. If you encounter authentication problems:

  1. Edit your downloaded .ovpn file
  2. Replace ‘cipher AES-256-CBC’ with ‘data-ciphers-fallback AES-256-CBC’
  3. Save the file and try connecting again

This change addresses the cipher negotiation issues that are specific to newer Ubuntu versions.
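The edit described above can be scripted so that it is repeatable and leaves a backup. This is an added example, not part of the original guide; the function names and the sample profile are constructed for illustration, with vpn.example.com as a placeholder host.

```shell
#!/usr/bin/env bash
# Added example: apply the cipher workaround above to a downloaded profile.

# Write a small constructed profile (not a real Pritunl export) for the demo.
write_sample_profile() {
    printf '%s\n' 'client' 'dev tun' 'proto udp' \
        'remote vpn.example.com 1194' 'cipher AES-256-CBC' 'auth SHA256' > "$1"
}

# Rewrite PROFILE in place, keeping the original as PROFILE.bak.
# Returns 0 = changed, 1 = directive not present (nothing done), 2 = error.
fix_ovpn_cipher() {
    local profile=$1
    # Only a standalone "cipher AES-256-CBC" line; data-ciphers* lines are left alone.
    local pattern='^[[:space:]]*cipher[[:space:]]+AES-256-CBC[[:space:]]*$'
    [ -f "$profile" ] || { echo "no such profile: $profile" >&2; return 2; }
    grep -Eq "$pattern" "$profile" || return 1
    (
        # Profiles usually embed the user's private key, so the backup and the
        # rewritten file are created readable by the owner only.
        umask 077
        cp "$profile" "$profile.bak" || exit 2
        tmp=$(mktemp "$profile.XXXXXX") || exit 2
        sed -E "s/$pattern/data-ciphers-fallback AES-256-CBC/" "$profile" > "$tmp" &&
            mv "$tmp" "$profile"
    ) || return 2
}

# Demo on the constructed profile.
demo_dir=$(mktemp -d)
write_sample_profile "$demo_dir/user.ovpn"
fix_ovpn_cipher "$demo_dir/user.ovpn" && grep -n 'cipher' "$demo_dir/user.ovpn"
```

Running it a second time on the same file returns 1 and changes nothing, so it is safe to apply to a directory of profiles in a loop.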

No Internet Access for VPN Clients

If VPN clients can connect but don’t have internet access:

  1. Verify that IP forwarding is enabled
  2. Check the routing configuration in Pritunl
  3. Ensure that firewall rules allow traffic forwarding
  4. Configure appropriate DNS servers for clients

Security Best Practices for Pritunl

Implementing proper security measures is essential for maintaining a secure VPN environment.

Keeping Pritunl and Ubuntu Updated

Regularly update both Pritunl and your Ubuntu system to ensure you have the latest security patches:

sudo apt update
sudo apt upgrade -y

Implementing Strong Authentication

  1. Use strong passwords for all user accounts
  2. Enable two-factor authentication
  3. Regularly rotate credentials
  4. Consider using PIN protection for clients

Monitoring Connection Logs

Regularly review connection logs to identify unusual activities:

  1. Navigate to the “Logs” tab in the Pritunl web interface
  2. Review connection attempts and user activities
  3. Set up log monitoring and alerting for suspicious events

Securing the Web Administration Interface

  1. Change the default admin credentials immediately after installation
  2. Use a custom SSL certificate for the web interface
  3. Consider restricting web interface access to specific IP addresses
  4. Set up a reverse proxy with additional authentication if needed

Congratulations! You have successfully installed Pritunl VPN. Thanks for using this tutorial for installing the Pritunl VPN Server on your Ubuntu 24.04 LTS system. For additional help or useful information, we recommend you check the official Pritunl website.


r00t
