Easily Build OpenVPN Server with Pritunl

Must read:

Ferdian Alfianto

Ferdian Alfianto

Ferdian Alfianto is an Internet enthusiast, Mac Lover; likes using Wordpress, experimenting with Linux (especially Debian and Ubuntu), tinkering with pfSense routers, happy experimenting with LEMP (Linux, Nginx, MariaDB, PHP) and Redis. You can contact me here.

I've written before tutorial build OpenVPN server on Centos 5, but there is no control panel for managing servers and users; all must be done via CLI. Well, this time I will provide a tutorial on building an Open VPN server with Pritunl.

Pritunl is an enterprise-class OpenVPN and IPsec server application, distributed in open source. For basic features, Pritunl can be used for free. However, for advanced features, Pritunl costs $10 - $50 per month. With basic features, it is sufficient for personal needs.

Requirements

We need a VPS, don't need high specs, with 1 CPU and 512 MB is enough. For OS, Pritunl supports many Linux distributions; You can use Arch Linux, AmazonLinux 1, AmazonLinux 2, CentOS 7, Debian 8, Debian 9, Oracle Linux 7, Ubuntu 16.04 and Ubuntu 18.04. For this tutorial, I'm using Ubuntu 16.04.

Choose a datacenter location closest to you, in Jakarta or Singapore if you are in Indonesia.

As for the OpenVPN client, Pritunl supports Windows, Mac OS; also many Linux distributions such as Arch Linux, Centos 7, Debian 9, Antergos, Fedora 28, Ubuntu 16.04, Ubuntu 18.04 and Ubuntu 18.10.

Installation

Login to your Ubuntu VPS, and enter the following commands one by one in sequence:

sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list << EOF deb https://repo.mongodb.org/apt/ubuntu xenial / mongodb-org / 4.0 multiverse EOF sudo tee / etc /apt/sources.list.d/pritunl.list << EOF deb http://repo.pritunl.com/stable/apt xenial main EOF sudo apt-key adv --keyserver hkp: //keyserver.ubuntu.com - -recv 9DA31620334BD75D9DCB49F368818C72E52529D4 sudo apt-key adv --keyserver hkp: //keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A sudo apt-getct update sudo apt-getlbassum start enable pritunl mongod

Then enter the following command to raise the Open File limit:

sudo sh -c 'echo "* hard nofile 64000" >> /etc/security/limits.conf' sudo sh -c 'echo "* soft nofile 64000" >> /etc/security/limits.conf' sudo sh -c 'echo "root hard nofile 64000" >> /etc/security/limits.conf' sudo sh -c 'echo "root soft nofile 64000" >> /etc/security/limits.conf'

Now open a browser, and visit your server's OpenVPN address at https://AlamatIPServer/.

* Note: If an SSL error warning appears, just continue, later we will install SSL Lets Encrypt.

To get the setup key, run the command:

pritunl setup-key

And enter the setup key like the example below

Next, the login column will appear as below. To get the login username and password, run the command:

sudo pritunl default-password

If successful login, a Pritunl configuration pop-up will appear as below.

In this configuration column, you can change the username & password. And the main thing is to enter the domain (or subdomain) that you will use to access this Pritunl server. Don't forget to point the domain / subdomain that you will use first, to the IP address of this Pritunl server. Enter the domain / subdomain into the Lets Encrypt Domain field, and press the Save button. Then Pritunl will automatically request an SSL certificate to Lets Encrypt, and install it.

After Pritunl confirms that the configuration is successful, now please try to access it with the url https://NamaDomainAnda.

User and Server Configuration

We start by configuring the User first. Click the Users menu, then select Add Organization. It's kind of like creating a user group. Fill in the desired organization name, and click Add.

Next we will create / add a user to the organization that we just created. Click the Add User button. Enter the user name, select the organization, email, and PIN to use later when connecting to the Pritunl server, a kind of password. Usually I just use numbers, like PIN in general. If so, don't forget to click Add.

Next, we do the server configuration. Click the Servers menu, and select Add Server.

Enter the desired server name in the Name field. If you want to change the DNS other than the default, enter it in the field DNS Server. The port can be left the default, or change as you wish. For protocol, I suggest sticking with UDP. If you want to use IPv6, please tick Enable IPv6; but make sure your server has IPv6 and your client connections support IPv6; if in doubt it is better not to use IPv6. Virtual Network is the virtual IP address that will be assigned to the OpenVPN client, leave the default values. To add security, you can activate the feature Enable Two-Step Authentication.

The next step is to do "attach“, Which organization (or group) can access our Pritunl server. On page Servers, choose Attach Organization. In the Attach Organization window, select the organization / group and server, and click Attach.

And to run the server, click the button Start Server. Check the log output, if it says "Initialization Sequence Completed", Then the server is running and ready to use.

OpenVPN Client

To be able to connect to the Pritunl OpenVPN server that we created earlier, we must download the User Profile. You can find the link to download it on the menu Users, select the user we want to download the profile for, and click the link Click to download profile.

Or you can provide a download link User Profile to your clients, by clicking the link Get temporary profile links. (this link is temporary, will expire in 24 hours).

Now download Pritunl Client so we can connect. To download the installer, please visit the page Pritunl Client.

To check whether your connection is through the Pritunl server, visit the website https://whatismyipaddress.com/ or input in the Google search field, with the keyword "whatismyipaddress". If what appears is the IP address of the Pritunl server, it means you have successfully connected. Hopefully useful & good luck!

Share on facebook
Facebook
Share on twitter
Twitter
Share on whatsapp
WhatsApp
Share on telegram
Telegram
Share on email
E-mail

Latest articles:

MongoDB logo
Linux

Easy to Install MongoDB on Ubuntu 20.04

This tutorial explains how to install and configure MongoDB Community Edition on Ubuntu 20.04. MongoDB is a free, open-source document database. Belongs to the so-called database family

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related article:

MongoDB logo

Easy to Install MongoDB on Ubuntu 20.04

This tutorial explains how to install and configure MongoDB Community Edition on Ubuntu 20.04. MongoDB is a free, open-source document database. Belongs to the so-called database family

www

World's First Website

On 6 August 1991, without fanfare, British computer scientist Tim Berners-Lee published his first website while working at CERN, the large particle physics laboratory.