Featured Post

HOW TO: Install VPN server on Ubuntu when server is behind firewall

The whole point in this post is to run your own VPN service, and allow you to connect remote devices to your home network. To start off yo...

Sep 29, 2017

HOW TO: Install VPN server on Ubuntu when server is behind firewall

The whole point in this post is to run your own VPN service, and allow you to connect remote devices to your home network.

To start off you need to choose a server that is going to be always available, or at least you should try to do that. Next thing is to install OpenVPN on the server and configure it, this can be done in no time at all with the help of the following site:

https://github.com/Nyr/openvpn-install

The first command you are going to need to do is as follows:

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

This downloads and executes the installation script, I had to run this as sudo, so:

sudo wget https://git.io/vpn -O openvpn-install.sh && bash sudo openvpn-install.sh

This script will take you through a variety of questions where you are prompted for entry, in most cases the default option will be appropriate and filled - however if you are running behind a firewall (which you probably will be, I'd like to point out a couple of gotchas).

The IP address of the local machine should indeed be the local IP, there are other sites that suggest this should be the WAN IP of the server, that's fine if the server has direct access to the internet - which mine does not, since it is behind the firewall I choose the local IP so it configures the correct interface to be monitoring.

Next major question is configuring your external IP if you are behind a NAT, honestly you should be using a FQDN and not an IP - check out my previous post on dynu.com options [http://www.geekfreely.com/2015/10/configuring-ddclient-on-ubuntu-server.html]

Once you are finished answering the questions you are ready to make client profiles, run the installer again and you will be prompted a variety of options, you are going to want to add a user:

1) Add a new user
2) Revoke an existing user
3) Remove OpenVPN
4) Exit

Now that you have OpenVPN server installed in Ubuntu, and a client profile created for your device - all you have to do is setup any port forwarding required to the OpenVPN server.

So in my case I setup a rule to forward all 1178 (1194 if you followed the default options) UDP VPN requests from my external IP address to the local IP address of the server running OpenVPN. This was done at my cable modem/router.

That's it, you're done. Let me know if you have any questions or comments below - feel free to donate/tip the creator of the script on the following site:

https://github.com/Nyr/openvpn-install

No comments: