In my example, I’ll make use of the already available infrastructure on the OpenVPN server and generate the client request and certificate on the server and copy later the generated artifacts over to the client. The vantage by creating the request on the client is that the private key will stay on the client. This is done by specifying the client parameter in the generate certificate request command.ĭepending whether or not easy-rsa or any other tool to generate a certificate request is available on the client, the request can be generated directly on the client. The process to create the client certificate is the same as with the server certificate, only the certificate type must be client, or: TLS Web Client Authentication. In my case, this server is installed together with the OpenVPN server on the AWS EC2 instance. This certificate needs to be issued by the CA server that also issued the certificate of the OpenVPN server. Therefore, the client needs to have a valid client certificate. It should show your VPS’s IP address.OpenVPN uses certificates to authenticate the server and clients.
You can verify this by visiting this url ip.esc.sh. You’re now connected to the vpn and all the traffic is now being routed through the vpn. Wait for it to connect and there you go. Enter the pin you used while creating the user. Now click on the three dashes, and click “connect”. Click on “import profile” and then choose the “ovpn” file we extracted in the previous step. Once you have installed the “pritunl client”, open it up. Go to and download the vpn client depending on your local machine from where you will be connecting to the VPN. For us to connect to the VPN, we need a vpn client. This is the OpenVPN config file we will be using to connect to the VPN server. Extract the tar file and you will get a file in the format “organization_user_servername.ovpn”. Download the configuration from the users tab. Back in Servers tab, start the server by pressing “Start server”. Click on the users tab, and then Add user. Back in the servers tab, click on attach organization, and then attach the server to the organization you just created. Give a name for your organization, and click add. Now we need to create an organization and a user. Now click on Servers and then Add server give any name you like, and click “add”. Leave the mongodb url as it is and click save Run the command pritunl setup-key in the VPS and copy the setup key. You will get a warning from your browser sayin that the connection is insecure, you can safely discard this warning as this is caused by the self signed certificates being used by pritunl. Once the installation is finished, go to You can use the command curl ip.esc.sh to get the public IP of your VPS. echo "deb trusty/mongodb-org/3.2 multiverse" > /etc/apt//mongodb-org-3.2.listĮcho "deb trusty main" > /etc/apt//pritunl.listĪpt-key adv -keyserver hkp:// -recv 42F3E95A2C4F08279C4960ADD68FA50FEA312927Īpt-key adv -keyserver hkp:// -recv 7568D9BB55FF9E5287D586017AE645C0CF8E292AĪnd, that should install and start the Pritunl server on your VPS. If you are using an Ubuntu 14.04 machine, Open a Terminal and issue the following commands one by one. If you’re using anything other than Ubuntu 14.04, go to Īnd follow the instructions corresponding to your distro, install the packages and continue with this article. Let’s get started Installing the required packages But, I’d advice you to use Ubuntu 14.04.įor this setup, I have a 512MB DigitalOcean VPS running Ubuntu 14.04. For more information, go to How to setup Pritunl in your VPS Pritunl is a distributed enterprise vpn server built using the OpenVPN protocol. You have a fully functional VPN server with a web interface where you can manage your users, servers, organizations etc. 
You install a few packages and you’re done.
Today, I’ll show you guys how to setup OpenVPN and manage users without any hiccups. I know a lot of you would agree with me there.
Setting up OpenVPN on your own server can be real pain in the a**.
0 kommentar(er)
