Installing the OpenVPN InstantApp

• compute
• apps
• OpenVPN
• VPN
• Ubuntu
• InstantApp
• instance

OpenVPN is an open-source software application that implements Virtual Private Network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities.

The OpenVPN InstantApp is a fast and simple way to protect your online privacy and surf anonymously.

OpenVPN InstantApp comes with:

• an OpenVPN server
• a client configuration profile to set up your client

1. Click Instances in the Compute section of the side menu. The Instance creation page displays.
2. Click Create an Instance. The Instance creation wizard displays.
3. Choose the OpenVPN image in the InstantApps tab:
4. Follow the remaining steps to create your Instance.

Create a VPN user

1. Connect to your Instance via SSH. Run the scw-ovpn status command to check if your OpenVPN server is ready:

   root@scw-charming-haibt:~# scw-ovpn status
   
   Your server is done configuring !
   You can now start using it.
   
   Have a look at what scw-ovpn features:
       $ scw-ovpn
   Copy code

2. Create a new user with the scw-ovpn tool.

   root@scw-942e6e:~# scw-ovpn
   This wrapper helps you manage your openvpn server.
   Use these commands to create an user and get a link to its configuration:
   $ scw-ovpn create MYUSER
   $ scw-ovpn serve MYUSER
   
   If you do not want to transfer your configuration over cleartext HTTP, type this command on your own machine:
   $ ssh root@51.15.51.220 scw-ovpn show MYUSER > MYUSER.ovpn
   
   You could also copy-paste the output of:
   $ scw-ovpn show MYUSER
   
   Or even use port forwarding to tunnel your requests to the port the http server listens on when running '$ scw-ovpn serve ...'.
   
   Choose the way you like and understand !
   
       $ scw-ovpn status
       shows the status of the initial openvpn configuration
   
       $ scw-ovpn create CLIENTNAME
       create a new certificate with name CLIENTNAME
   
       $ scw-ovpn list
       list all available and revoked clients in separate lists
   
       $ scw-ovpn revoke CLIENTNAME
       revoke the certificate for CLIENTNAME. This client will not be able to connect afterwards.
   
       $ scw-ovpn show CLIENTNAME
       shows the openvpn config file for client CLIENTNAME
   
       $ scw-ovpn serve CLIENTNAME
       starts an HTTP server you can download your openvpn client configuration from
   
       $ scw-ovpn add-instance PROTOCOL PORT ID
       add an openvpn instance listenning on PORT with PROTOCOL.
       protocol must be one of udp and tcp.
   
       $ scw-ovpn del-instance ID
       removes the openvpn instance with subnet id ID
   
       $ scw-ovpn list-instances
       list all running openvpn Instances
   Copy code

3. Run it with the following command:

   scw-ovpn create CLIENTNAME
   Copy code

   It will automatically generate the configuration for the client CLIENTNAME.

4. Download the configuration file from your server either via SSH or by starting a HTTP server that provides an URL to download the files directly on your computer.

   scw-ovpn serve CLIENTNAME
   Copy code

   root@scw-942e6e:~# scw-ovpn serve ovpn
   You can now download the openvpn client configuration at :
   
   > > http://51.15.51.220:4242/69a24160-0a77-11e8-b599-5b914f6cdb17/ovpn.ovpn
   > >
   > > > Press ENTER to stop serving the config file
   > > > Serving HTTP on 0.0.0.0 port 4242 ...
   > > >
   Copy code

5. Download the configuration file from the URL displayed in the MOTD. We assume that you have already installed a VPN client.

6. Open the configuration with your VPN client.

   

7. Start a new connection using the VPN profile we just installed once the configuration is loaded.

   

You are now connected and all your traffic is routed through the OpenVPN server. Check that your public IP matches the public IP of the server to ensure your configuration is correct.