04 Sep How to Set Up Your Own Home VPN Server
A Virtual Private Network (VPN) is the best way to increase the security of your browsing and to protect your network from hackers. A VPN creates an encrypted channel between the client and the server. The encrypted channel carries data that cannot be decrypted without the appropriate keys. Besides internet anonymity, a VPN has many other uses. It can connect a user to a LAN even if the user is nowhere near the network. The steps to set up your home VPN server are as follows.
Step 1: Prerequisites
Update your system to the latest version to successfully create a VPN.
Step 2: Install OpenVPN
OpenVPN is powerful and highly flexible VPN software. OpenVPN uses authentication, encryption, and certificates to implement virtual private network methods. OpenVPN will be used to create certificates and manage private keys.
Step 3: Configure Network Settings
We need to set up a bridge network on our server to allow the VPN to function.
Open a terminal and type:
This command lets you edit the interfaces file of the server. The file should have only two lines. If it has more lines, comment them out with a hash sign (#). After you have finished commenting them out, press Control + O and Enter to save the changes. Press Control + X to exit.
iface lo inet loopback
#these commands are used to create a bridge for OpenVPN
iface br0 inet static
#the above-specified IP address needs to be replaced by your server's IP address
#The netmask need not be changed.
#this refers to the default gateway of your router.
#this line creates a bridge to your Ethernet connection for OpenVPN
iface eth0 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down
Step 4: Forwarding
IPv4 forwarding needs to be enabled, which allows clients on the VPN to browse the internet. Open the terminal and type:
Step 5: Create the server key and certificates
The certificates that are created in this step will allow the server to authorize clients trying to access the VPN.
Create an easy-rsa folder. Open a terminal on the server and type:
Copy the example certificate files from the examples directory to the newly created directory:
sudo cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
To change the ownership of the files, use the chown command:
sudo chown -R $USER /etc/openvpn/easy-rsa/
Step 6: Create client certificates
Client certificates allow client devices to access VPN servers. In the terminal enter:
Then prepare the vars script:
To create client certificates:
KEY_CN=client ./pkitool client
The word client can be replaced by any name the user assigns to the client device.
Press Alt+F2 to copy these files as root.
Step 7: Create server VPN scripts
VPN scripts need to be created to bring up the VPN network. In the terminal enter:
A blank document will open in the terminal. Copy and paste the following text into the document:
/sbin/ifconfig $DEV mtu $MTU promisc up
/sbin/brctl addif $BR $DEV
After finishing, press Control + O to save the changes and Control + X to exit. Now, to create the down script, enter the following in the same terminal:
Copy and paste the following text:
/sbin/brctl delif $BR $DEV
/sbin/ifconfig $DEV down
Once finished, press Control + O to save the changes and Control + X to exit.
We still need to make the script executable. Enter:
sudo chmod 744 /etc/openvpn/down.sh
sudo chmod 755 /etc/openvpn/up.sh
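To check the result of Steps 5 to 7, the following shell script is an added example (not part of the original tutorial) that flags private keys readable by other users and up.sh/down.sh scripts that anyone but their owner can modify. The function names and the constructed sample tree are assumptions of this example, as is the convention that private keys end in .key.

```shell
#!/bin/sh
# Added example, not from the original tutorial: audit file modes under an
# OpenVPN directory such as /etc/openvpn.
# Assumptions: private keys end in .key (client.key, ta.key) and the bridge
# hook scripts are named up.sh and down.sh, as in the steps above.

# Print one finding per line as "<CHECK> <path>"; print nothing when clean.
audit_openvpn_perms() {
    dir=$1
    [ -d "$dir" ] || { echo "NOT_A_DIRECTORY $dir"; return 2; }
    # Private keys must not be readable by group or others.
    find "$dir" -type f -name '*.key' \( -perm -040 -o -perm -004 \) -print |
        sed 's/^/KEY_READABLE /'
    # The OpenVPN daemon, normally started as root, executes these scripts,
    # so only the owner may be able to modify them.
    find "$dir" -type f \( -name up.sh -o -name down.sh \) \
        \( -perm -020 -o -perm -002 \) -print |
        sed 's/^/SCRIPT_WRITABLE /'
}

# Number of findings for a directory; 0 means every check passed.
count_findings() {
    audit_openvpn_perms "$1" | wc -l | tr -d ' '
}

# Build a constructed sample tree (empty files, no real key material).
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/keys"
    : > "$t/keys/client.key"; chmod 644 "$t/keys/client.key"  # too open
    : > "$t/keys/ta.key";     chmod 600 "$t/keys/ta.key"      # owner only
    : > "$t/up.sh";           chmod 755 "$t/up.sh"            # mode from Step 7
    : > "$t/down.sh";         chmod 744 "$t/down.sh"          # mode from Step 7
    echo "$t"
}

# Audit the directory given as $1, or the constructed sample when none is given.
if [ "$#" -gt 0 ]; then
    audit_openvpn_perms "$1"
else
    sample=$(make_sample_tree) && audit_openvpn_perms "$sample"
    rm -rf "$sample"
fi
```

Run it with the OpenVPN directory as its argument, for example /etc/openvpn; a finding on a key file is cleared with chmod 600 on that file.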
Step 8: Configure OpenVPN settings
There are various things to be changed in the configuration file. In a terminal enter:
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
sudo gzip -d /etc/openvpn/server.conf.gz
To open the config file, enter in the terminal:
Step 9: Install and configure OpenVPN on Ubuntu Linux
In a terminal on the client, enter:
sudo apt-get install network-manager-openvpn-gnome
Copy the certificates from step 6 to the home directory.
Open the network manager by clicking system settings > network.
Choose OpenVPN as the connection type and click create.
Name the VPN and enter the server’s domain name.
Open client.crt file, ca.crt file and client.key in the private key field.
Check the "Use LZO data compression" check box.
Check the "Use a TAP device" check box.
In the general tab, uncheck the "All users may connect to this network" check box.
Open the ta.key file.
Set the direction of the key to 1.
Click OK to save the advanced settings.
There should be an OpenVPN GUI icon on your desktop. Find the icon in the system tray. Right click and connect. The program will now connect you to your VPN server.