Deploy OpenVPN in 5 minutes

Posted by / May 16, 2014 / Categories: VPN / Tags: ,

Many of our customers use BHost services to host a VPN server. We’re particularly proud to be helping many customers in countries that face internet censorship. By using a VPN they can enjoy the internet how it should be.

We’ve written this guide to help you deploy OpenVPN in 5 minutes, using a fantastic third party script that runs through the installation steps automatically. Special thanks to @Nyr7 for making this script.

You’ll need a BHost VPS which is available to order from just £4 per month.

Step 1 – Operating System

This script has been written for Debian based operating systems, and we recommend new customers start off with a fresh install of Ubuntu 12.04 LTS. If you’ve just ordered a VPS from BHost, you can install Ubuntu through the control panel:

openvpn-guide-reinstall

If you’re on our OpenVZ platform, enable TUN/TAP via the control panel too.

Step 2 – Login as root

Using your preferred client, SSH in to your VPS:

ssh root@78.129.251.251
root@78.129.251.251's password: 
Welcome to Ubuntu 13.04 (GNU/Linux 2.6.32-042stab081.3 x86_64)
root@test:~#

Step 3 – Download and execute the script

It’s as simple as executing this:

wget http://git.io/vpn --no-check-certificate -O openvpn-install.sh; chmod +x openvpn-install.sh; ./openvpn-install.sh

Step 4 – Some basic config

The script will now guide you through a few steps to get going… you’ll need to define things like the listen address and listen port. Leaving these all as the default options should work just fine unless you’re an advanced user.

Welcome to this quick OpenVPN "road warrior" installer

I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them

First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 109.169.46.236

What port do you want for OpenVPN?
Port: 1194

Do you want OpenVPN to be available at port 53 too?
This can be useful to connect under restrictive networks
Listen at port 53 [y/n]: n

Finally, tell me your name for the client cert
Please, use one word only, no special characters
Client name: bhost 

Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue...

The script will then get any necessary dependancies, install OpenVPN and generate some certificates which may take a few minutes.

Step 5 – get the client config files

Once the script has finished, you’ll see the following output:

Finished!

Your client config is available at ~/ovpn-bhost.tar.gz
If you want to add more clients, you simply need to run this script another time!

The tarball contains the config files for your VPN connection. Move the tarball to your local machine and extract the contents.

There’s no easy way to untar on Windows, so you might prefer to untar on the VPS first using:

 tar -zxvf ovpn-demo.tar.gz

Copy the config files to your client machine, perhaps by SFTP. If you’d like a nice easy graphical SFTP client, you could use WinSCP on Windows or Cyberduck on Mac to copy the files over.

Step 6 – configure your client

After extraction, you’ll have four files from the tarball, yours might be named differently, but from our demo they are:

demo.conf
ca.crt
demo.crt
demo.key

You’ll need to install an OpenVPN client – on Windows you can use the official OpenVPN client – on OS X we quite like Tunnelblick.

On Tunnelblick, it’s as simple as adding a new VPN by clicking the + button:

Screen Shot 2014-05-16 at 14.58.04

You can then follow the instructions provided by Tunnelblick, and drag and drop over your previously created configuration files.

Disclaimer

Please be aware of our Terms and Conditions when using BHost services for a VPN. You’re not allowed to commercially sell VPN access, and of course any traffic that goes through the VPN must be compliant with our Terms. Please be aware we don’t provide any guarantees, warranty or support in relation to this third party script. But in our experience, its an excellent way to get your VPN going in no time!

Feedback

We hope you found this short guide useful… let us know your feedback on Twitter @BHostCloud – and let us know what topic should be covered in our next how-to!

About the author
I'm George and I work in the BHost support team. I'm responsible for replying to customer support requests, as well as writing articles for our help center. If there's anything you'd like us to blog about, let us know by emailing support@BHost.net