A VPN (a virtual private network) lets you access the web securely, obscuring your location. For example, I can access services restricted to the US from Sri Lanka using a VPN located in the US. It also adds a layer of encryption for your internet traffic, making it safe to use across untrusted networks.

If you are a non-technical person, you should look into commercial service. I will give a list of services at the end of this post. If you are comfortable configuring Linux systems, this article is for you.

Background

Last week I signed a contract to join a new team developing payment solutions like Stripe. Due to security concerns accessing their services require IP whitelisting, but my ISP uses dynamic IP allocation. A private VPN was the best solution for my requirements.

System Requirements

You can have your self-hosted private VPN (for personal or limited use) in a $5/mo digital ocean droplet. I use the VPS that hosts this Ruby on Rails-based website in a $10/mo VPS (1-core, 2 GB RAM).

• Modern processor with AES-NI chipset
• 12 MHz for every 1 Mbps of network traffic
• 150 connections per 1GB of RAM

Options

Installing and configuring OpenVPN can be intimidating unless you are comfortable working in Linux environments. There are a few options available for you that can make life easy.

• OpenVPN Access Server 🔗
• OpenVPN road warrior installer 🔗

OpenVPN Access Server: The OpenVPN AS is a great tool, but unfortunately, it is not free. It has a trial mode that allows two connections for free. From their onward, the pricing IMO is unreasonable.

OpenVPN road warrior installer: This bash shell script gives a wizard-like easy way to install OpenVPN in a setup sufficient for freelancers, independent contractors, and private users.

This article will discuss the road warrior installer script. This is my preference for personal use. I would be assuming you are on a Debian installation like Ubuntu.

Installation Instructions

The following instructions have been tested on:

• Ubuntu Server 20.04 LTS
• Ubuntu Server 22.04 LTS

Step 1: Update repositories and install Git

root@vpn:~# sudo apt update
root@vpn:~# sudo apt install git

Step 2: Clone the repository that includes the shell script

root@vpn:~# git clone git@github.com:Nyr/openvpn-install.git

Step 3: Run the installer

cd openvpn-install

Step 3: Go through the installer. I prefer to use Cloudflare DNS. You may use a service you are comfortable with. The others are good as they are. You will opt for a client name. Here I will be using iMac. You can generate any number of clients by re-running the script.

Welcome to this OpenVPN road warrior installer!

Which IPv4 address should be used?
     1) 159.223.169.126
     2) 10.10.0.5
     3) 10.136.0.2
IPv4 address [1]: 1

Which protocol should OpenVPN use?
   1) UDP (recommended)
   2) TCP
Protocol [1]: 1

What port should OpenVPN listen to?
Port [1194]:

Select a DNS server for the clients:
   1) Current system resolvers
   2) Google
   3) 1.1.1.1
   4) OpenDNS
   5) Quad9
   6) AdGuard
DNS server [1]: 3

Enter a name for the first client:
Name [client]: iMac

OpenVPN installation is ready to begin.
Press any key to continue...

Once you press a key, it will go through steps to configure OpenVPN and add IPTables rules.

Get:1 http://mirrors.digitalocean.com/ubuntu jammy InRelease [270 kB]
Hit:2 https://repos-droplet.digitalocean.com/apt/droplet-agent main InRelease
Hit:3 http://mirrors.digitalocean.com/ubuntu jammy-updates InRelease
Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:5 http://mirrors.digitalocean.com/ubuntu jammy-backports InRelease
Fetched 270 kB in 7s (40.1 kB/s)

[LOT OF LINES IN BETWEEN]

Finished!

The client configuration is available in: /root/iMac.ovpn
New clients can be added by running this script again.

Step 4: Next we need the generated iMac.ovpn file. I am going to copy it to my iMac. I would first make a folder in my desktop to copy the file.

jdeen@iMac:~|⇒  mkdir ~/Desktop/vpn.jdeen.com
jdeen@iMac:~|⇒  ~/Desktop/vpn.jdeen.com
jdeen@iMac:~/Desktop/vpn.jdeen.com|⇒
jdeen@iMac:~/Desktop/vpn.jdeen.com|⇒  scp root@159.223.169.126:/root/iMac.ovpn .
iMac.ovpn                                              100% 5007    19.4KB/s   00:00

We then need to install OpenVPN Connect, the OpenVPN client. It supports:

• macOS
• iOS
• Android
• Windows

Once you install the client application, open it. Click the ⨁ (plus) button, select "File" from the tab and drag and drop the iMac.ovpn file to it. Click save and you have your own VPS service. Repeat this process for each of your devices (ex: iPhone.ovpn, iPad.ovpn, Galaxy.ovpn etc).

Conclusion

Having a VPN service is essential to keep your internet communication secure. While I am a Linux Systems Administrator, I still use ExpressVPN. Their vast network allowed me to connect to many geographical locations. Over time, I had little use for an extensive network. I often will need to solve challenges to complete a simple Google change.

OpenVPN is the VPN technology behind most, if not all, the major VPN providers. The OpenVPN road warriors installer is an excellent utility for installing and configuring an OpenVPN server for your personal use.