Open VPN is an open source Virtual Private Network solution. Internet users would be able to make use of such a system to make use of the internet in a much more effective manner. Step by step instructions on how to install and configure Open VPN on Debian is given below.
Setup SSH connection
Mac or Linux users would be able to use SSH along with terminal program and for Windows users, they could use it along with PuTTY. Open the terminal program and enter the username in the following command:
Command: “ssh username@ipaddress”
If the system asks for password, enter it in the corresponding entry. Now the Debian OpenVPN configuration can be started.
Open VPN installation
Before proceeding with the Debian Open VPN configuration, it is necessary to make sure that all the system packages are up to date. To check this, enter the following command:
Command: “sudo apt-get update”
If there are any updates found, then all of it can be updated using this command:
Command: “sudo apt-get upgrade”
After updating all the packages, now Open VPN can be installed. Use the following command:
Command: “sudo apt-get install openvpn udev”
After the completion of Open VPN installation, the procedure for configuring Open VPN can be initiated. All the files should be copied in the first place. This is mandatory for encryption. All the files should be copied from the default directory on to a directory which can be read easily by the cloud server.
Command: “sudo cp –r /usr/share/doc/openvpn/example/easy-rsa /etc/openvpn”
RSA file generation:
This is the next stage of Debian Open VPN configuration. RSA file parameters should be entered when you initiate this process. The values can be entered by the user and all the values input by the user would be part of the certificate. Debian Open VPN configuration could be started by the user by entering the following command:
Command: “cd /etc/openvpn/easy-rsa/2.0/”
RSA File generation commands:
“source ./vars
sudo ./clean-all
sudo ./build-ca”
Open VPN name assignment
In this step, the user should enter a server name for the Open VPN connection that is about to be setup. Name of the Open VPN server should be entered by the user and the name given is completely user- specific.
Command: “sudo ./etc/openvpn/easy-rsa/2.0/build-key-server server”
Hellman Key parameter configuration
Command: “sudo . /etc/openvpn/easy-rsa/2.0/build-dh”
Key generation should take place for each of these clients separately. Key identifier should be unique and should not be the same for different clients.
Command: “sudo . /etc/openvpn/easy-rsa/2.0/build-key client”
Directory movement
As mentioned before, all the files should be moved to a new directory.
Command:
“sudo cp /etc/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn
sudo cp /etc/openvpn/easy-rsa/2.0/keys/ca.key/etc/openvpn
sudo cp /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem /etc/openvpn
sudo cp /etc/openvpn/easy-rsa/2.0/keys/ FILE NAME /etc/openvpn
sudo cp /etc/openvpn/easy-rsa/2.0/keys/ FILE NAME /etc/openvpn”
FILE NAME indicates the new file name given by the user.
VPN access status
The following commands can be used by the user in order to restrict or allow access to the VPN service by any particular user.
Command:
“sudo . /etc/openvpn/easy-rsa/2.0/vars
sudo . /etc/openvpn/easy-rsa/2.0/revoke-full NAME OF CLIENT”
Enter the Name of the client in the slot mentioned in the command for who you want to remove VPN access.
Debian OpenVPN configuration
Debian Open VPN configuration can be started now. It is mandatory to generate all the files for configuration before initiating the Debian Open VPN configuration procedure. Files can be retrieved using the command below:
“sudo gunzip –d /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf -/cd”
- Client configuration file can be modified according to the liking of the user. Users also have the ability to modify various other files too.
- ‘Remote’ option should be changed according to the port configuration, so that it can connect to the cloud server. Port configuration should be the one configured in the OpenVPN setup.
- Values like ‘cert’ and ‘keys’ should be changed in order to be similar to that of the ones mentioned in the certificate.
- Changes can be saved by simply entering the letter ‘y’ and press Enter or the changes can also be saved by typing ‘Ctrl+X’.
Copying files to the local client machines
Command: “nano -/client.conf”
Server configuration file changes
Command: “sudo nano /etc/openvpn/server.conf”
Debian OpenVPN configuration – setup complete
Debian OpenVPN configuration setup is almost done and now, the user will be able to make use of the OpenVPN connection setup on Debian. Final step is to restart the OpenVPN setup.
Command: “sudo /etc/init.d/openvpn restart”
