Oracle Quick Start Guide


OpenVPN Access Server provides an Oracle Cloud VPN that you can get up and running within minutes.

Working with Oracle Cloud, you use their instances, which are Linux-based virtual machines running on virtualized hardware. By using the OpenVPN Access Server instance from their Marketplace, you can launch a VPN hosted in the cloud, with the following benefits:

  • Quickly extend your Oracle Cloud private networking to remote users and other sites.
  • Create hub-and-spoke network topology, site-to-site, user-to-cloud, and various other secure VPN connections.
  • Provide secure, remote access to applications deployed on Oracle Cloud.

Read on for your guide to get started with your VPN server on the web.

Create an instance

To get started, visit the Oracle Marketplace to find the OpenVPN Access Server BYOL VPN and follow these steps:

  1. Select OpenVPN Access Server BYOL from the Oracle Marketplace.
  2. Select the latest version and the compartment.
  3. Review and accept the Oracle terms and click Launch Instance.
  4. Enter a name for your instance if you want to change it from the generated name.
  5. Select your virtual cloud network and subnet.
  6. Generate a new SSH key or input your public SSH key.
  7. Click Create.
  8. Add a Network Security Group to your instance with the rules outlined in the table below.
DirectionSource TypeSourceProtocolSource PortDestination Port

Connect to your instance

Once Oracle deploys your new Access Server instance, you can connect with an SSH client. When connecting via SSH, use the username, openvpnas.

ssh -i private-key-filepath openvpnas@instance-public-IP

We provide instructions on how to connect to a common use case for Windows OS users with the PuTTY SSH Client: Connect to Access Server via SSH using PuTTY.

Finish Access Server Installation

The OpenVPN Access Server configuration tool runs automatically the first time you sign into the instance.

For this guide, we assume you choose the default values by pressing ENTER for each choice.

In the last step of the installation process, a randomly generated password for the ‘openvpn’ administrative accounts displays on the console (if you didn’t enter a password during the initial setup).

You can now connect to the Admin Web UI with ‘openvpn’ and the generated password with the URL https://[youripaddress]/admin.

Replace "[youripaddress]" with the static IP address of your server.

Finish Access Server Configuration

To complete configuration, refer to Finishing Configuration of Access Server.

Once you've done that, we recommend a few additional steps, below.

Change default time zone

The default time zone may not be the time zone that you're in. If you are in a different time zone, you can change this setting by running this command, then choose your appropriate time zone:

sudo dpkg-reconfigure tzdata

Install NTP client for automatic time synchronization

We recommend installing the NTP client to keep the time synchronized, but it's especially for those that plan on using multi-factor authentication with TOTP. Run this command:

apt-get install ntp

Update Operating System Software

We recommend updating your Linux OS. From the time we've generated the appliance and you've downloaded and are using it, there are likely a number of updates. To make sure your appliance OS is up to date, execute the following commands:

sudo apt-get update
sudo apt-get upgrade

Further security recommendations

We have additional security recommendations we suggest you implement, for all OpenVPN Access Server installations.