Setting up an OpenVPN server on Debian 10 can be done in just a few minutes using the following steps:
- Install OpenVPN by running the command
sudo apt-get install openvpn - Create a directory to store the server configuration files by running the command
sudo mkdir /etc/openvpn/server - Generate the server’s private key and certificate by running the command
sudo openvpn --genkey --secret /etc/openvpn/server/secret.key - Create a configuration file for the server by running the command
sudo nano /etc/openvpn/server/server.confand add the following content to it:
port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/server.crt
key /etc/openvpn/server/server.key
dh /etc/openvpn/server/dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
- Generate the Diffie-Hellman parameters by running the command
sudo openvpn --genkey --secret /etc/openvpn/server/dh.pem - Start the OpenVPN server by running the command
sudo systemctl start openvpn@server - Enable OpenVPN to start automatically at boot by running the command
sudo systemctl enable openvpn@server - Create client configuration files and distribute them to your clients.
- Configure your firewall to allow incoming connections on port 1194
After completing these steps, you should have a fully functional OpenVPN server that you can connect to from any client with the proper configuration files.
It is important to note that this is a basic setup and there are many other options and configurations that can be added to the server.conf file to improve security and functionality, also the host firewall should be configured to allow incoming connections on port 1194.