Guide to setting up an OpenVPN Server on your Home Network

[RockSolid1106]

This is a guide to setting up a VPN Server on a machine running Ubuntu on your home network. This will help you to connect to your home network even when you are away. This should help you access your NAS when you're away, or connect to a computer on the network with RDP, basically anything you could do when you were home. Using a VPN to connect to a remote computer via RDP is considered much secure than directly exposing the port to the Internet.

 

All my commands are for a Debian-based OS. I am using Ubuntu 20.10, but this should work on any Debian-based OS.

 

I will be using a script that a user has created on GitHub: https://github.com/angristan/openvpn-install

 

Now, before you start, I would highly recommend a DDNS, or Dynamic DNS. This will bind your IP to a domain name. This will save you a lot of hassle of your public IP changing frequently. I would recommend using No-IP, which is what I use.

No-IP: https://noip.com

 

Start off by getting the script downloaded into a .sh format file.

curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh

Then make the file readable by:

chmod +x openvpn-install.sh

Then run the file by:

sudo ./openvpn-install.sh

It will output some text. The last line should be:

Unless your server is behind a NAT, this should be your public IPv4 address.

Enter your private IP address over here.

 

It will then ask for your public IP address

Public IPv4 address or hostname:

Here, you can enter your DDNS address(should be something like 'xxxxxxxx.ddns.net').

 

Then it will ask you if you want to enable IPv6 functionality.

Enter 'y', and then hit enter(Check @Levent's reply if you are against it).

 

Then it will ask you the port which you want to use. I would recommend using the option 3, or Random. Enter your choice(1, 2 or 3) and then hit enter.

Then the protocol. I recommend you to leave this at the default, or UDP(Option 1).

 

Then asks if you would like to use compression. Stick with the defaults, 'n'.

"Customize encryption settings?", Enter 'n'.

 

Then the DNS resolver. I used Google DNS(option 9).

Click any key and it will now start the installation.

 

 

After that's done, it asks for a client name. Give it an appropriate name, and then hit enter.

Then whether you want the configuration file to be password protected. I would recommend the password. Enter '1' and hit enter, and then your password.

Your client configuration file will then be generated and stored in the Home folder of the user.

 

You can just open the .ovpn configuration file with a text editor.on the 4th line, there should be something like this:

You can do that by typing the following line in the terminal:

sudo gedit <the client name you entered previously>.ovpn

On the 4th line, there should be something like this:

remote xxx.xxx.xxx.xxx 62xxx

where xxx.xxx.xxx.xxx is your IP address, and the digits after the space, is the port number. Make a note of the port number.

 

Now you have to setup port forwarding on your router. This step does differ from manufacturer to manufacturer, so please look for steps on your exact router.

Basically, you want to forward the port number you found in the .ovpn file to your OpenVPN Server(the internal IP address of your server).

 

Once that's done, you can copy the .ovpn file to another device, and then import it with the OpenVPN application, which is available on Play Store/App Store, and Windows.

Windows: https://swupdate.openvpn.org/community/releases/OpenVPN-2.5.2-I601-amd64.msi(or alternatively you can go to https://openvpn.net/community-downloads/)

 

I have been using this for myself for quite a while now, and it works pretty well.

 

I hope this guide was helpful. Feel free to drop any suggestions or correct me for any mistakes that I may have made in the post.

[Levent]

22 hours ago, LTTfan2006 said:

Enter your private IP address over here.

That is wrong unless your VPN is behind a NAT.

22 hours ago, LTTfan2006 said:

Then it will ask you if you want to enable IPv6 functionality.

Enter 'n', and then hit enter.

If your exit point supports ipv6, disabling ipv6 is just pointless. You literally gain nothing by doing it.

[RockSolid1106]

44 minutes ago, Levent said:

That is wrong unless your VPN is behind a NAT.

I did mention in the title of the topic, that this setup will be on a Home Network, which(I think) means that you are behind a NAT(Because you are connected to a router, and are not assigned a Public IP address).

 

44 minutes ago, Levent said:

If your exit point supports ipv6, disabling ipv6 is just pointless. You literally gain nothing by doing it.

Thanks for that. I'll update it in the post. I just wanted to stick with the defaults(the default option was 'n'). 

 

EDIT: Updated @Levent's suggestion in the post.

Edited May 31, 2021 by LTTfan2006

[Levent]

1 minute ago, LTTfan2006 said:

I did mention in the title of the topic, that this setup will be on a Home Network, which(I think) means that you are behind a NAT(Because you are connected to a router, and are not assigned a Public IP address).

 

Thanks for that. I'll update it in the post. I just wanted to stick with the defaults(the default option was 'n'). 

Default would be no unless if you network has no ipv6 internet connection.