Installing OpenVPN Access Server On A Linux System

Introduction

The following information will help you start

OpenVPN Access Server on a Linux operating system.

Tips for installing OpenVPN Access Server on a Linux system: Supported

  • operating systems
  • .

  • Installation and preparation requirements
  • . Install the repository, and

  • then upgrade
  • . Completing

  • product setup and usage
  • . Limitations

  • of an unlicensed OpenVPN access server.

Supported Operating Systems

We distribute OpenVPN Access Server through our software repository on a number of popular Linux distributions. See the OpenVPN Access Server system requirements for supported Linux operating systems.

To install the repository and install Access Server: Choose your platform on our downloads page and get instructions for installing the repository and

Access Server

.

  • See the software repository download page
  • .

  • Find and click on the platform you are using
  • .

  • Use the commands to install the repository and software.

We also provide quick start guides for all supported operating systems; see OpenVPN Access Server installation options.

Our quick start guides walk you through launching OpenVPN Access Server on:

  • Ubuntu
  • Debian
  • Red Hat Enterprise Linux
  • CentOS
  • AWS
  • Google Cloud
  • Azure
  • DigitalOcean
  • Oracle
  • VMWare
  • Hyper-V

Installation and preparation requirements

The following will help you prepare your platform for installation

.

Verify that the server is ready

  • You need a Linux operating system that supports root-level access. You can connect directly through the console or through an SSH session using a tool like PuTTY.
  • If you need to log in as an unprivileged user, sudo up to get root privileges.
  • Ensure that your server has the correct time and date, necessary for certificate generation and verification, as well as for implementing multi-factor authentication.
  • To check the current time, date and time zone on a Debian/Ubuntu system:apt updateapt -y install tzdatadpkg-reconfigure tzdata
  • To check the current time, date, and time zone on a CentOS/Red Hat system:timedatectl -help
  • Make sure your server can access the Internet. Some use cases require running Access Server in an environment without Internet access; If you need to, contact technical support for help setting up offline license activation.
  • We recommend that you install Access Server behind a firewall as part of a layered security approach. Forward TCP ports 443, TCP 943, TCP 945, and UDP 1194 from the public Internet to the private address of the access server behind the firewall.
  • Verify that DNS resolution is working correctly. Try pinging a domain, such as www.google.com to verify that the server resolves it to an IP address.

Using the

OpenVPN Software Repository We distribute OpenVPN Access Server

through a software repository

.

For a system without Internet access

:

  • You must download the software packages separately.
  • OpenVPN Access Server

  • comes in two packages:
      OpenVPN

    • Connect Client Software Package
    • OpenVPN Access

    • Server
  • The software also depends on several other packages to install successfully. Check our software repository page, click on your Linux operating system, then refer to Option 2: Manually downloaded packages.
  • To activate your subscription or license, please contact our support team.

Install repository and

then update

Check your

operating system You must know the correct operating system to

use the appropriate commands to add the repository and install OpenVPN Access Server

. Determine your operating system

  • .
    • Run these commands to find the necessary operating system information:cat /etc/issuelsb_release -auname -a

    Select your

operating system on our software repository page From the

software repository page

  • , click on the appropriate operating system to open instructions for installing the repository. Make sure you also select the correct version of
  • your operating system
  • .

  • The instructions work for upgrades and new installations of OpenVPN Access Server
  • .

  • Run the commands on the server command line as root.
    • After you add the repository, when you run apt update and apt upgrade, it updates Access Server when there is a new version.
  • We recommend restarting

  • the server: restarting

Note: If your operating system version is no longer listed on our software repository page, you should not attempt to force instructions for a newer operating system on your outdated system. In this situation, you should consider upgrading the operating system or migrating the access server settings to a more up-to-date installation.

Completing Product

Setup and

Using Verify Configuration Completes

Once OpenVPN Access Server is installed, it automatically runs an

initial configuration with the default settings.

When the initial configuration is complete, review the result of the administrator account and the addresses to access the

administration web UI.

  • Obtain the username and password of your administrator user.
    • Make a note of the randomly generated password for the openvpn administrative account. Access Server versions earlier than 2.10 do not automatically generate a password. In previous versions, set the password manually by typing passwd openvpn on the command line.
  • Get the URLs for the

  • administration and client web UIs. The output provides the URL to connect to the administration web UI
    • to configure the VPN server. From the administration web UI, you can manage settings, certificates, users, and more settings in a web-based GUI. An example address: https://192.168.70.222/admin.
    • The output also provides the URL to connect to your client UI to download preconfigured OpenVPN Connect as well as connection profiles. An example address: https://192.168.70.222/.
    • For more details about the web service, see OpenVPN Access Server Web Services.
  • Log in to the administration web UI.

    • Enter the URL of your admin web UI into your web browser and log in with your openvpn admin account
    • .

    • When you log in for the first time, you encounter a browser warning due to the self-signed certificate. This is expected and you can accept the warning and continue. To resolve this, you can install a properly signed web SSL certificate.
    • Once logged in, you can activate the access server with an activation key, configure authentication systems such as RADIUS or LDAP, add users to the local authentication database, manage access control, and so on.

See the additional documentation to configure specific features and configuration options for

OpenVPN Access Server:

Limitations of an

OpenVPN Access Server without a license OpenVPN Access Server starts with two free connections.

If you use Access Server without a license or activation key

You can use these two

  • free connections with no time limit
  • . You have

  • full access to all OpenVPN Access Server functionality
  • .

  • You cannot have more than two simultaneous OpenVPN tunnel connections to your VPN server.

To unlock more connections, purchase a subscription. See our pricing page for more details.