Microsoft Hyper-V is a Windows Server virtualization application. With Hyper-V, you can virtualize operating systems, hard drives, and network switches. OpenVPN Access Server can be installed on a Hyper-V virtual machine as a Virtual Hard Disk (VHD) Drive. We provide an Ubuntu Hyper-V image download. For a business that’s typically a Microsoft shop, using our Hyper-V Linux image is a great option for easily working with the Linux environment. Below you’ll find more on the benefits of using virtual machines and information on getting started.
Setting up a Hyper-V server gives you the ability to create virtual machines, which maximizes:
It also adds to your security. At OpenVPN, we emphasize the importance of creating layered security, with a VPN providing one of those layers. Virtual Machines provides you a specific layer of security through isolation. If one machine crashes or becomes infected with malware, it’s isolated. It can’t affect other systems
You can also easily move to new hardware and virtual machines are more secure to use than containers.
Hyper-V Ubuntu virtual machines also provides businesses that are mainly a Windows shop an easy way to setup OpenVPN Access Server. With our existing Ubuntu Hyper-V image download, you can deploy Access Server through Microsoft Hyper-V onto a virtual machine without requiring extensive experience or knowledge of Linux.
A bit of helpful information for you to start:
These instructions will walk you through the process of attaching the OpenVPN Access Server VHD image to a generation 1 type VM for Microsoft Hyper-V. At a high level, you’re going to accomplish the following five steps:
If you’d like more detailed instructions on setting up using Hyper-V Manager, please refer to Microsoft’s documentation.
Download the OpenVPN Access Server zip file.
Extract the zip file into a folder. A recommended location is a file where you keep all of your virtual hard disk images.
Create a new virtual machine in Hyper-V
Choose local installation source or change installation source
Create your virtual machine
To begin configuration of OpenVPN Access Server, open the console of the virtual machine or log in through an SSH session with the following credentials:
OpenVPN Access Server will prompt you with setup questions. We recommend the default settings. You can adjust them at any point later on through the web interface.
When asked for a license key, simply press enter to continue installation if you don’t have one. OpenVPN Access Server comes with two free connected devices for testing purposes.
You may receive the following error: IndexError: list index out of range. This happens when the appliance is deployed on a network without a DHCP service to assign a valid IP address. To resolve this, see the instructions below on setting a static IP address. Once you’ve resolved this, you can log on to the appliance again and restart the wizard.
Because DHCP assigns IP addresses dynamically, it is helpful for most setups to set a static IP address even if they don’t receive the IndexError message.
The commonly used program for setting the network IP address in Ubuntu 18 is netplan. These are the detailed instructions on how to set a static IP address on Ubuntu 18 or newer.
Our appliance is based off of Ubuntu 18.04 LTS x64. For instructions on setting a static IP address for Ubuntu 16 or older, refer to this page with instructions for using ifupdown.
Make sure to change the default root password from openvpnas to one of your choosing. Note: once changed, it can be difficult to reset if you lose it.
Type the following command to change the root user password:
The system creates a single administrative user to start, but it has no password set. To use it, you must first set a password with the following command:
Once the password is assigned, you can now login to the admin UI web interface.
During the installation process, you will be informed of the location of your admin web service, which is where you can log on as an administrative user and manage VPN settings. The admin UI is usually at address of your server with /admin/ added, for example: https://192.168.70.222/admin/.
You will receive a warning in the browser such as “invalid certificate” or “cannot verify identity of the server”. This is because Access Server comes with a self-signed SSL certificate to begin with. Confirm that you wish to continue to the web interface.
Login with your username openvpn and the password you have just set.
We do not rebuild our appliance image with each new release of OpenVPN Access Server. You may have a slightly older version than what is currently available. We recommend performing an in-place upgrade to get the latest release. Follow these steps:
It’s also important to have the latest version of your appliance. To ensure that your operating system is up to date, the built-in package manager program can retrieve and install the updates. Enter the following commands when logged on to the Access Server as a root user:
The default timezone of the appliance is US(Pacific - Los Angeles). Update the timezone to your correct timezone. This step is especially vital if you plan on using the Google Authenticator multi-factor authentication system, which relies on a time-based one time password system. We recommend also installing the Network Time Protocol (NTP) client program to automatically update time and date. Run the following commands logged on to the Access Server as a root user:
Set the timezone:
Install NTP client:
apt-get install ntp
Your OpenVPN Access Server virtual machine is now setup through Hyper-V.