Setting up OpenVPN on a VPS to create a secure connection

8 hours ago
nikolay
3 minutes

How to install and configure OpenVPN on a VPS server

1. What it is used for

OpenVPN is a well-established solution that allows you to create a secure VPN connection between devices.

It is used in different scenarios:

  • secure access to a server without risk of interception
  • connection to private or internal services
  • encryption of all internet traffic

In simple terms, it turns a regular connection into a private and controlled one.

2. What you need before starting

Before proceeding with the setup, make sure you have:

  • a VPS running Linux (Ubuntu or Debian)
  • SSH access to the server
  • an open port for VPN (typically 1194)

Without this, the setup cannot proceed.

3. Installing OpenVPN

After connecting to the server, install the required packages:

apt update
apt install openvpn easy-rsa -y

Then create a working directory for key generation:

make-cadir ~/openvpn-ca
cd ~/openvpn-ca

This is a separate directory where all cryptographic files will be stored.

4. Generating keys and certificates

Initialize the PKI (public key infrastructure):

./easyrsa init-pki
./easyrsa build-ca

Then generate the server certificate:

./easyrsa gen-req server nopass
./easyrsa sign-req server server

And create client keys in the same way:

./easyrsa gen-req client nopass
./easyrsa sign-req client client

This step is critical — it defines the security of the entire connection.

5. Server configuration

Copy the default configuration file:

cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn/

In /etc/openvpn/server.conf, pay attention to:

  • paths to certificates and keys
  • port (1194)
  • protocol (UDP)

Then start the service:

systemctl start openvpn@server
systemctl enable openvpn@server

6. Client connection

To connect, you need a .ovpn configuration file that already includes all required parameters, certificates, and keys.

Recommended clients:

  • OpenVPN Client (Windows / macOS)
  • OpenVPN Connect (iOS / Android)

Import the file — and the connection is ready.

7. Verifying the setup

After connecting, check the basics:

  • connection is established without errors
  • external IP address changes
  • traffic is routed through the VPS

If all of this works — the setup is correct.

8. Common issues

Most problems come down to simple things:

  • port 1194 is blocked by a firewall
  • certificate or key errors
  • OpenVPN service is not running

Check status with:

systemctl status openvpn@server

9. OpenVPN vs WireGuard

OpenVPN:

  • more flexible in configuration
  • suitable for various scenarios
  • stable even in complex networks

WireGuard:

  • faster
  • easier to configure
  • lower overhead

The choice depends on the task, not just on performance.

10. Conclusion

OpenVPN remains a solid option when flexibility and compatibility are important.

For simpler setups with minimal configuration, WireGuard is often the more convenient choice.

Leave a Reply 0

Your email address will not be published. Required fields are marked *