This guide will show you how to install and configure an OpenVPN server using a simple script by Nyr. Itโs ideal for personal use or small teams, and works on Ubuntu 20.04, 22.04, 24.04+, and other major Linux distributions.
๐ก๏ธ OpenVPN is a secure, open-source VPN protocol that encrypts internet traffic and enables safe remote connections.
โ What You'll Need
- Ubuntu Server or Desktop (20.04, 22.04, 24.04 or newer)
- Root or sudo privileges
- Public IP address or domain name
- UDP port 1194 is open on your firewall
๐ง Step-by-Step Guide to Setting Up an OpenVPN Server on Ubuntu
Step 1: Download the OpenVPN Script
Run the following command in your terminal to download the installation script:
wget https://git.io/vpn -O openvpn-install.shStep 2: Make the Script Executable
chmod +x openvpn-install.shStep 3: Run the Installer
Launch the script with:
sudo bash openvpn-install.shYouโll be prompted to:
- Enter your public IP or domain (Enter to skip)
- Select protocol (choose UDP)
- Set the port (default is 1194)
- Pick a DNS resolver
- Provide a name for the first client (e.g.,
atiq)
The script will:
- Install and configure OpenVPN
- Set up firewall rules
- Generate server and client keys
- Create a client config file (e.g.,
atiq.ovpn)
Step 4: Locate the Client File
Your VPN client file will be saved in your home directory (e.g., /home/atiq/atiq.ovpn).
To copy it to a safe location:
cp /home/atiq/atiq.ovpn ~You can transfer this file via FileZilla, SCP, SFTP, or browser download.
Step 5: Install the VPN Client on Your Device
Download the official OpenVPN client for your device:
๐ https://openvpn.net/client/
- Windows/macOS: Use OpenVPN Connect or GUI
- iOS/Android: Install the app from the App Store or Google Play
Then import your .ovpn file and connect securely.
Step 6: Manage VPN Users
To add or remove VPN users, rerun the installer:
sudo bash openvpn-install.shMenu options include:
1) Add a new client 2) Revoke an existing client 3) Remove OpenVPN 4) Exit
To add a user named jimSelect option 1 and enter the name. A new config file (e.g., /home/atiq/jim.ovpn) will be created.
โ VPN Port Forwarding NAT Rule for MikroTik Router
Purpose: Forward OpenVPN (UDP 1194) traffic from public IP to internal VPN server.
MikroTik NAT Rule Commands:
What it does:
- Listens on 115.127.35.126:1194 (UDP)
- Forwards to 192.168.191.37:1194 inside LAN
Make sure:
- VPN server is running at
192.168.191.37 - Input firewall allows UDP 1194 (if needed)
๐ ๏ธ Useful Commands
| Task | Command |
|---|---|
| Check VPN status | sudo systemctl status openvpn-server@server |
| Restart VPN | sudo systemctl restart openvpn-server@server |
| View logs | journalctl -u openvpn-server@server |
โ Final Tips
- Back up your
.ovpnfiles - Use unique, meaningful client names
- Revoke old or unused clients for security
๐ Script Info
GitHub Repository:
๐ https://github.com/hwdsl2/openvpn-install
About:
OpenVPN server installer for the following Linux distributions:
- Ubuntu
- Debian
- AlmaLinux
- Rocky Linux
- CentOS
- Fedora
- openSUSE
- Amazon Linux 2
- Raspberry Pi OS
This script simplifies the deployment of a fully functional OpenVPN server with minimal user input, which is ideal for secure personal or small business usage.