VPN, or virtual private network, is a secure method of connecting remote internet resources together as if they were under the same LAN. OpenVPN is a popular implementation that works on Linux, Windows, and Mac operating systems and can be utilized to create complex, encrypted networks between physically dispersed servers.
The OpenVPN Access Server is a solution built on top of traditional OpenVPN that is used as a complete portal for managing connections, users, and interfaces. It provides the underlying VPN instance, a web interface for managing the suite, and a client that can be used within a web browser.
In this guide, we'll install and configure the OpenVPN Access Server on a CentOS 6.5 VPS instance.
Download and Install Packages
We can obtain the OpenVPN Access Server package for CentOS from the project's website.
Right click on the package that matches your version of CentOS and your machine's architecture. Select the "copy link address" item or whatever option is closest.
On your CentOS droplet, download the package with curl -O
(that's the letter "o" not a zero) followed by the URL you copied from the page. In my case, this turned out to be:
cd ~
curl -O http://swupdate.openvpn.org/as/openvpn-as-2.0.5-CentOS6.x86_64.rpm
When the package has been downloaded, you can install it with using the rpm
command:
sudo rpm -i openvpn-as-2.0.5-CentOS6.x86_64.rpm
After installing the package, an administration account is created called openvpn
. However, no password has been set.
Set a password for the administrator's account by typing:
sudo passwd openvpn
Now, the command line configuration steps are complete. The rest of the guide will focus on configuring options through the web interface.
Accessing the Web Interface
We can access our VPN portal by going to our server's IP address or domain name, at port 943
. The server operates using TLS, so we will need to specify the https
protocol.
For our initial interaction, we actually want to go to the administrative interface, which is the same, except ending with /admin
:
https://server_ip_or_domain:943/admin
You will get a warning that the site's SSL certificates are not trusted:
This is expected and perfectly fine. All that this is telling us is that OpenVPN is using a self-signed SSL certificate, which is not trusted by default by our browser. We can click on the "Proceed anyway" button or whatever similar option you have.
You will be presented with the admin login page. Use the username openvpn
and the password you set for this user:
You will be taken to the OpenVPN Access Server's EULA, which you will have to agree to if you wish to continue:
Once you log in, you can see the administrative interface, complete with some useful at-a-glance stats on the landing page: