In the this tutorial we will be going through deploying a OpenVPN Access Server (AS) from scratch in a VMWare ESXi 4.1 environment. This should be perfect for a home VPN server (due to licence limitations of a maximum of 2 users being connected at the same time)!
Good luck and read on!
Open VMWare vSphere Client and go to File > Deploy OVF Template
In the Deploy from a file or URL box enter:
and click Next
Click Next to confirm the OVF Template details
Enter a name for the server or leave the default and click Next
You can leave the defaults and click Next
VMWare doing it’s magic
Once the deployment has successfully completed, click the Close button
Back in the vSphere Client Power Up the OpenVPN Access Server which has just been deployed and go to the Console tab
Once the server has finished starting up you should be at the prompt screen. Login with the following details:
Once logged in simply run ifconfig to displaying the network configuration (if any, which there shouldn’t be). It should look like this:
As there is no configuration for eth0 we’ll configure it with a valid IP address within our LAN:
openvpnas:~# ifconfig eth0 inet <ip address> netmask <netmask> broadcast <broadcast>
We’ll turn on our eth0 interface:
openvpnas:~# ifconfig eth0 up
Once it is up we’ll see if we can ping the internets:
openvpnas:~# ping google.com ping: unknown host google.com/ If we can't contact the internets then we must add a route to our gateway (usually the routers IP address): openvpnas:~# route add default gw <gateway>
Then we test again with the PING command:
openvpnas:~# ping google.com PING google.com (22.214.171.124) 56(84) bytes of data.
Now that we have internet connectivity we can SSH into the server with the IP address which we set in Step 12 and click Open
We'll accept the certificate by clicking Yes
We'll login with the same details as the ones we used for logging on via Console in our vSphere Client:
Once logged in we'll update the OS with the following commands:
apt-get update apt-get upgrade
Once it has finished updating we'll configure OpenVPN Access Server with the help of the wizard by running:
The wizard is very good and simple to use and most of the defaults should be good enough to get connected via the web interface.
Once the wizard has finished simply set a strong password for the openvpn admin account which you connect via the web:
And finally before logging off change the root password:
Simply go to:
- https://<listeningip>:943/admin - Admin UI
- https://<listeningip>:943/ - User UI
Accept the certificate and add it to the trust it zone
And finally you should be able to login with the openvpn username and the password which we set with the passwd openvpn command in Step 15
Once everything has been configured correctly, the below page should come up after we login.
In the future we'll configure our OpenVPN Access Server to our likings, but for now, you should be able to VPN in providing that you have forwarded port TCP 443 and UDP 1194 to the OpenVPN Server! 🙂