OpenVPN for housewives in 5 minutes on any Linux

Remember to study the detailed OpenVPN installation guide to understand what you’ve done.

I recommend that you only install OpenVPN using this guide, on a clean operating system. Any automatic installation, always breaks under the twisted brains of your super-duper programmer or system administrator.

Step 0: Choose a cheap VPS

OpenVPN does not require an expensive VPS. It is worth paying attention to the internet speed of your service provider so that movies do not slow down when you watch them and torrents can be downloaded. Check out our selection of the Best VPS for VPN hosting.

Step 1: Upgrade the operating system

So, you’ve bought a VPS with some Linux, no matter if it’s Ubuntu, Debian or CentOS. Just make sure you choose a newer version of the Linux distribution you like.

You will need to update your operating system before installing the OpenVPN script. Ubuntu, Debian enter commands and wait for their execution:

apt update
apt upgrade

CentOS use the Yum tool:

yum update -y

Step 2: Download the script

In this step we download the script from angristan’s GitHub using the wget command. The following commands will be used, which are the same in all distributions of CentOS, Ubuntu and Debian.

Go to the directory where we download the script, usually it is the user’s home directory, but since you have just bought a VPS, you will have the user as root!

cd /root
wget https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh

Make the script executable:

chmod +x openvpn-install.sh

Step 3: Install OpenVPN server

And start the installation:

./openvpn-install.sh

The first question will be about your ip address, don’t enter anything, press Enter.

Welcome to the OpenVPN installer!
The git repository is available at: https://github.com/angristan/openvpn-install

I need to ask you a few questions before starting the setup.
You can leave the default options and just press enter if you are ok with them.

I need to know the IPv4 address of the network interface you want OpenVPN listening to.
Unless your server is behind NAT, it should be your public IPv4 address.
IP address:

The second question is whether we want to enable IPv6, which is disabled by default. On modern distributions we agree.

Do you want to enable IPv6 support (NAT)? [y/n]: y

By default OpenVPN uses port 1194, press 1

What port do you want OpenVPN to listen to?
   1) Default: 1194
   2) Custom
   3) Random [49152-65535]
Port choice [1-3]: 1

Select the protocol and of course select UDP (unless of course you plan to connect MikroTik equipment to the VPN). Type 1.

What protocol do you want OpenVPN to use?
UDP is faster. Unless it is not available, you shouldn't use TCP.
   1) UDP
   2) TCP
Protocol [1-2]: 1

Now you need to select a DNS provider, if there is no preference, select DNS from Google, to do this enter 9:

What DNS resolvers do you want to use with the VPN?
   1) Current system resolvers (from /etc/resolv.conf)
   2) Self-hosted DNS Resolver (Unbound)
   3) Cloudflare (Anycast: worldwide)
   4) Quad9 (Anycast: worldwide)
   5) Quad9 uncensored (Anycast: worldwide)
   6) FDN (France)
   7) DNS.WATCH (Germany)
   8) OpenDNS (Anycast: worldwide)
   9) Google (Anycast: worldwide)
   10) Yandex Basic (Russia)
   11) AdGuard DNS (Anycast: worldwide)
   12) NextDNS (Anycast: worldwide)
   13) Custom
DNS [1-12]: 9

Do you want to use compression? You don’t need to use it without understanding what and where it will be compressed. Refuse to use compression by typing n.

Do you want to use compression? It is not recommended since the VORACLE attack makes use of it.
Enable compression? [y/n]: n

When asked about setting up encryption, we refuse. Type n

Do you want to customize encryption settings?
Unless you know what you're doing, you should stick with the default parameters provided by the script.
Note that whatever you choose, all the choices presented in the script are safe. (Unlike OpenVPN's defaults)
See https://github.com/angristan/openvpn-install#security-and-encryption to learn more.

Customize encryption settings? [y/n]: n

Only now will the OpenVPN installation process begin, press Enter and watch the installation.

Okay, that was all I needed. We are ready to setup your OpenVPN server now.
You will be able to generate a client at the end of the installation.
Press any key to continue...

Step 4: Add OpenVPN clients

Once the OpenVPN server installation is complete, the installation script will prompt you to add your first client. You will see the following output screen, where you will need to enter the client name (e. g. user1).

Tell me a name for the client.
The name must consist of alphanumeric character. It may also include an underscore or a dash.
Client name: user1

Next you will be asked if you want to password protect the configuration file, select 1 (i.e. protect).

Do you want to protect the configuration file with a password?
(e.g. encrypt the private key with a password)
   1) Add a passwordless client
   2) Use a password for the client
Select an option [1-2]: 1

This completes the installation process. Finally, you have a working OpenVPN cthdth user1 has been created with the configuration file /root/user1.ovpn to connect the OpenVPN client software. This is what we see on the screen:

Client гuser1 added.

The configuration file has been written to /root/гuser1.ovpn.
Download the .ovpn file and import it in your OpenVPN client.

Now you need the file guser1.ovpn and copy it to the client.

Consider the Windows client connection option.

Windows has no built-in support for OpenVPN, an additional client must be installed. Download the official OpenVPN client. After installation (c:\Program Files\OpenVPN) copyuser1.ovpn to c:\Program Files\OpenVPN\config. Start the client and connect.

To consolidate the material, let’s add another client: To do this, we need to re-run the script. The script will detect that the OpenVPN server is already installed and will offer 4 options: 1) Add new user 2) Delete existing user 3) Delete OpenVPN server 4) Exit the running script

./openvpn-install.sh
It looks like OpenVPN is already installed.

What do you want to do?
   1) Add a new user
   2) Revoke existing user
   3) Remove OpenVPN
   4) Exit
Select an option [1-4]:

Congratulations, you have installed the VPN server in just 5 minutes!

Conclusion or what’s left behind the scenes

At the beginning of this article, I provided a link to a detailed article on installing OpenVPN.

I want to point out that the installation script added a rule to the firewall (iptables) of your Linux, do not remove it, otherwise the VPN will stop working.

iptables -L -t nat
 
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  10.8.0.0/24          anywhere

1 Comment
  1. I’m not a housewife, but thanks anyway.

Leave a reply

Best VPN Report
Logo
Shopping cart