OPENVPN CLOUD IS LIVE: TRY TODAY FOR FREE

OpenVPN Access Server On Debian Quick Start

2

Install ‘openvpn-as’ package

3

Set password for bootstrapped user: ‘passwd openvpn’

4

Set up in browser: https://[youripaddress]:943/admin (browser setup found here)

Setting up and deploying the OpenVPN Access Server Repository on Debian

Beginning with Access Server 2.7.5, you can install Access Server software packages and the related Connect Client software through our official OpenVPN Access Server software repository. We recommend using the repository as it is a standardized and reliable method for delivering new versions and upgrading existing deployments. It provides you with more security, an industry-standard delivery method, easier upgrades, added flexibility, and an improved user experience. Here’s your quick start guide to rapidly deploy a VPN remote access solution for your business.

Built on the popular OpenVPN open source software, Access Server maintains compatibility with it. Thus, your deployed VPN solution is compatible with OpenVPN client software developed for multiple platforms and devices.

OpenVPN Access Server pairs well with your Linux distro of Debian, which is also built on open source software fundamentals.

Deployment to each new client device is easy. Once your server is up and running, you’ll have the ability to connect to your VPN through Windows, Mac, Android, iOS, and all supported platforms. Simply import the required settings from Access Server.

The following will give you helpful information about the benefits of OpenVPN Access Server as well as installation instructions. For more, read an overview of OpenVPN Access Server.

Using OpenVPN Access Server on Debian

IT professionals have used VPNs for a long time to provide secure, remote access to a corporate network. These are some of the important features and reasons why businesses include OpenVPN Access Server as their VPN on their Debian servers:

  • Any external user accessing the business network is authorized
  • Each user connects through an encrypted tunnel
  • It’s easy to securely connect headquarters with remote or global offices
  • It adds to your layered security approach, which is crucial for today’s cyber security risks
  • You provide an additional layer of security for cloud computing
  • Any internal applications that weren’t built with security in mind now have it
  • It’s a low cost investment with a big return in privacy and security
  • Built on the de facto standard of OpenVPN’s open source code, Access Server provides users with a clean, intuitive interface

Use Case Examples for Access Server with Debian

Configuring Access Server as your Debian VPN can provide your business with the ability to accomplish many secure use cases such as:

  1. Remote monitoring of worldwide locations
  2. Secure access for transactions through the cloud
  3. Secure access to private enterprise networks on the cloud or on premises
  4. End to end encryption
  5. Blocking unauthorized access
  6. Improving mobile workforce productivity
  7. Extending your Unified Threat Management to remote employees
  8. Providing a secure layer for accessing internal, unprotected applications

Keep your employees work secure through OpenVPN Access Server, which keeps your company safe.

We provide you with next gen secure and scalable communication services. Our award-winning open source protocol is the industry standard for virtual private networks. Put our legacy to work for your business security.

Setting up OpenVPN Access Server on Debian

OpenVPN Access Server fits seamlessly with Debian. The repository provides you with the following three components: the popular OpenVPN open-source software; a user-friendly and intuitive admin web interface; and Connect Clients for Android, iOS, Windows, macOS, and Linux. Once set up, deploying VPN clients is simple.

Follow this high level overview to set up OpenVPN Server and OpenVPN Access Server Admin Web UI. More details, if necessary, can be found with the links in the Further Resources section below. Detailed instructions are included in the OpenVPN Documentation section and Installing OpenVPN Access Server on a Linux system, specifically.

An alternate method for installing on Debian can be done by using PuTTY to connect to the Linux server for performing the installation. Details on that can be found here.

1) Get Updates

Begin by logging on to your Linux system on the console or via SSH with root privileges.

Update the cached packages list to the newest in the Debian repository:

apt update

Then, upgrade any of these available package updates by getting them from the repo and installing them:

apt upgrade

2) Install OpenVPN Access Server via repository

Copy and paste these commands and execute them with root privileges. They will add the repository to your system.


apt update && apt -y install ca-certificates wget net-tools gnupg
wget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -
echo "deb http://as-repository.openvpn.net/as/debian buster main">/etc/apt/sources.list.d/openvpn-as-repo.list
apt update && apt -y install openvpn-as

4) Configure Settings

The Access Server Admin Web Interface provides an intuitive tool to manage settings for OpenVPN Access Server. Within the configuration menu, you can manage activation keys, TLS settings, network settings, VPN settings, advanced VPN settings, web server, client settings, and failover.

Helpful tips for configuration settings:

The following may be helpful configuration settings:

  1. To reach OpenVPN Access Server via the internet, set the Hostname or IP address to one facing the public internet.
  2. The default subnet for OpenVPN Access Server’s internal DHCP system is 172.27.224.0/20. This may be changed to a subnet that better fits your network.
  3. The routing section provides the option to push certain routes to networks accessed via the server to remote clients.
  4. Forwarding client internet traffic through the OpenVPN Access Server is a toggleable option.
  5. Settings can be changed per client from within user permissions.

5) Connect Client

To access a connect client via web browser, use the address below by replacing “openvpnasip” with the IP allocated to your openvpn-as instance:

https://openvpnasip/

Users have two options:

  1. Connect to the VPN: the user connects directly to the VPN through their web browser.
  2. Login to the Connect Client: they can download their user configuration files (client.ovpn) and use them to connect to the VPN with other OpenVPN Clients.

Helpful Linux and Debian Tips

  • Successfully running the Linux commands here requires that they are executed with root privileges logged in as a root user or sudo up
  • When connecting to the Admin web interface for the first time, you’ll likely see a big message about the site’s security certificate not trusted. This is because the server has a self-signed certificate so you will need to bypass this error.
  • If you’re installing a system manually from scratch, make sure the time and date on your Ubuntu server are correct. Access Server generates certificates with both a start and expiration date, using the system time and date. If needed, install a Network Time Protocol (NTP) client program on the server to correctly and automatically sync the time.
  • For configuring an Access Server without internet access, it requires contacting the OpenVPN team for an offline activation procedure
  • If you experience slowness with the web interface or attempting key activation, check that DNS resolution is working as expected (e.g.: pinging www.google.com should resolve this to an IP address)