How to Install OpenVPN on Ubuntu Linux VPS

This post is in continuation of my earlier post where we discussed how to install OpenVPN on Centos Linux VPS  . Today i am going to graphically show you how to install OpenVPN on a Ubuntu VPS . In this post i will be omitting some very basic steps like installing putty and openvpn  client on Windows , editing files with vi text editor etc and transferring files through winscp . You may refer to the earlier post i mentioned for these basic steps . Here is what you will require to accomplish this installation of OpenVPN on Ubuntu :

  • An OpenVZ  VPS with minimum 64 MB ( preferably 128 MB ) RAM with vanilla install of Ubuntu 11.04 OS. I tested this tuotorial with Ubuntu 11.04 , though i have all the reasons to believe that it should work for other ubuntu versions as well. You must be having root access to the VPS. You can get cheap VPS under $20 per year easily . For some very cheap offers you can find this site very  useful.
  • Putty for connecting remotely with your VPS
  • Winscp for tranferring certificates and key files to your computer.
  • OpenVPN client for your computer.
With this small introduction we begin our ‘long’  journey of installing OpenVPN on a Ubuntu VPS.
UPDATE: ( If you get stuck at any point, it is likely that the package versions mentioned in these commands have been replaced by a newer version. Try to replace the version number with a newer version. For example in this command cd /etc/openvpn/easy-rsa/2.0/    the new version number might be 2.1 or 2.2 or whatever. Google for the latest version and you should be good to go to install OpenVPN on Ubuntu. I will try to refresh this tutorial when i get some free time. But basically the commands will remain same.) 

Step One: Connect to your computer through putty as root and issue the following commands ( one by one ) to update your Ubuntu installation and packages.

apt-get update

apt-get upgrade –show-upgraded

Step Two: Install Ubuntu OpenVPN server by issuing the following command in Putty Window.

apt-get install openvpn udev

Step Three : Ubuntu OpenVPN comes with encryption tool called Easy RSA and we need to copy relevant files to the OpenVPN directory. Issue the following command in the Putty Window.

cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn

Step Four: Next we are going to initiate the Public Key Infrastructure ( PKI ) and build Certificate Authority which we will use to create keys and certificates for Server and clients of OpenVPN. Issue the following commands.

cd /etc/openvpn/easy-rsa/2.0/

. /etc/openvpn/easy-rsa/2.0/vars

. /etc/openvpn/easy-rsa/2.0/clean-all

. /etc/openvpn/easy-rsa/2.0/build-ca

The last command will initiate a script that will ask for values. Just keep on hitting the Enter button on your computer and accept the default values except the email which you would like to change , though it is not very critical.

Step Five: Next we need to create Server Key using the Certificate Authority we built in Step Four of installing OpenVPN on Ubuntu. Issue the following command in the putty window and just keep on hitting Enter button at prompts ( optionally you might want to change the email ) :

. /etc/openvpn/easy-rsa/2.0/build-key-server server

Similarly we also need to create client key by using the following command in Putty terminal window:

. /etc/openvpn/easy-rsa/2.0/build-key client1

Step Six : We need to generate Deffie Hellman Parameters which will be governing the key exchanges between the client and the server of Ubuntu OpenVPN. Issue the following command in Putty Terminal window.

. /etc/openvpn/easy-rsa/2.0/build-dh

Step Seven : Next we need to relocate the keys from  /etc/openvpn/easy-rsa/2.0/keys to /etc/openvpn directory by using the following commands in the Putty window :

cd /etc/openvpn/easy-rsa/2.0/keys

cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn

Step Eight : In this step we are going to configure the Virtual Private Network by altering certain configuring files that come as default with the the installation of OpenVPN on Ubuntu. Here we will need to use the linux text editor named vi . It is very easy to use all you have to remember is that in order to enter Insert Mode ( editing mode ) , you will need to press i on your keyboard. To come out of the insert mode and save the changes you will press Escape button your  keyboard and then type :wq and press enter. Issue the following commands one by one in the Putty Window :

cd /usr/share/doc/openvpn/examples/sample-config-files

gunzip -d server.conf.gz

cp server.conf /etc/openvpn/

cp client.conf ~/

cd ~/

vi client.conf

Edit the client.conf file at two locations :

Enter the IP address of your Ubuntu VPS and rename client.crt an client.key files to client1.crt and client1.key .


Step Nine : Now is the time to start the Ubuntu OpenVPN Server . Use the following command in the Putty terminal window :

/etc/init.d/openvpn start

Step Ten : In this step we are going to do necessary amendments to tunnel all traffic through the OpenVPN server on the VPS.  We need to amend certain files .

First issue the following command and edit server.conf file.

vi  /etc/openvpn/server.conf

uncomment the following line

push “redirect-gateway def1 bypass-dhcp”


and then add the following line

push “dhcp-option DNS″

Step Eleven : Next we need to edit /etc/sysctl.conf file .

Issue the following command

 vi /etc/sysctl.conf

and uncomment the following line


Next we issue the following command in the

echo 1 > /proc/sys/net/ipv4/ip_forward

Next issue the following commands to configure Iptables one by one:

iptables -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s -j SNAT –to-source YourVPSIP

(Insert your vps Ip in place of red text before issuing last command.)

Next issue the following command to edit /etc/rc.local file and add the iptables rules in there :

vi /etc/rc.local

iptables -A FORWARD -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s -j SNAT –to-source YourVPSIP

(Again remember to Insert your vps Ip in place of red text before issuing last command.)

Finally restart the Ubuntu OpenVPN server by the following command in putty terminal window :

/etc/init.d/openvpn restart

Step Twelve : Next we transfer the following four files from VPS Ubuntu OpenVPN server to client machine where you would install openvpn client and transfer those files to config directory of OpenVPN . You can refer to my earlier post  (step 9 and Step 15 ) for Installation of OpenVPN on Centos for instructions on how to transfer the files through WinScp towards the end of the article. With these minor steps of transferring key files to your client computer , we have successfully installed OpenVPN on Ubuntu VPS .

And finally you will be able to test your IP through or other similar sites and if the reported IP is that of your VPS , then you have followed my tutorial in true spirit  and successfully installed OpenVPN on Ubuntu. You will be able to watch the geo restricted content then and bypass any filters your ISP or government may have imposed like i was able to watch Hulu though i am in Pakistan . This is a free world and internet is born to be free without any restrictions.

This was all about it . And believe you me , it is as simple as it gets and you wont find any tutorial on the internet simpler than this to install OpenVPN on Ubuntu .



  1. Craig January 21, 2012
    • Evgheni November 18, 2013
    • Doldz June 11, 2014
  2. Shah February 13, 2012
  3. Damir February 20, 2012
  4. asrulfnd April 3, 2012
  5. Kyle June 2, 2012
  6. chernobel July 22, 2012
  7. FARUQ August 4, 2012
  8. xtreme September 24, 2012
  9. Patrick October 5, 2012
  10. Patrick October 5, 2012
  11. none February 24, 2013
  12. gb March 18, 2013
  13. Chandan March 28, 2013
  14. Alper April 5, 2013
  15. John April 6, 2013
  16. Aleksandar June 8, 2013
    • Dr ME October 28, 2013
  17. jason November 15, 2013
  18. Alex November 28, 2013
  19. farbod February 8, 2014
  20. Rob5561 March 24, 2014

Leave a Reply

Your email address will not be published. Required fields are marked *