Sign in Subscribe
Web Hosting Articles

A Guide to Setting Up a Virtual Private Network (VPN) Server on Your VPS

A Guide to Setting Up a Virtual Private Network (VPN) Server on Your VPS


Setting up a Virtual Private Network (VPN) server on a Virtual Private Server (VPS) can provide you with a secure way to access your server and browse the internet privately. Below is a step-by-step guide to help you set up a VPN server on your VPS.

Please note that the instructions here are general, and you may need to adapt them depending on the specific VPS provider and operating system you're using.

Step 1: Choose a VPS Provider

Choose a VPS provider and sign up for a plan. Popular VPS providers include DigitalOcean, Linode, AWS, Google Cloud, and others.

Step 2: Create a VPS Instance

Log in to your chosen VPS provider's dashboard and create a new instance (sometimes referred to as a droplet, server, or instance). Choose an operating system; Ubuntu, CentOS, and Debian are common choices for VPN servers.

Step 3: Connect to Your VPS

Once the VPS is set up, you'll connect to it using SSH (Secure Shell). You'll need the IP address of your VPS, as well as the SSH key or password provided by your VPS provider.

Step 4: Update and Upgrade the System

Update the package lists and upgrade any outdated packages:

bashCopy codesudo apt update
sudo apt upgrade -y

Step 5: Install Necessary Software

For this guide, we'll use OpenVPN, a popular open-source VPN server.

bashCopy codesudo apt install openvpn

Step 6: Configure OpenVPN

  1. Generate the server's keys and certificates:

bashCopy codesudo bash /usr/share/doc/openvpn/examples/sample-config-files/vars.sh
source ./vars
./clean-all
./build-ca
./build-key-server server

  1. Generate Diffie-Hellman parameters:

bashCopy code./build-dh

  1. Generate a static key:

bashCopy codeopenvpn --genkey --secret keys/ta.key

  1. Create a directory to store the keys:

bashCopy codesudo mkdir -p /etc/openvpn/keys
sudo cp keys/{ca.crt,ta.key,server.crt,server.key,dh2048.pem} /etc/openvpn/keys

  1. Copy the sample server.conf:

bashCopy codegunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/server.conf

Step 7: Configure Firewall

If you're using UFW (Uncomplicated Firewall):

bashCopy codesudo ufw allow 1194/udp
sudo ufw enable

Step 8: Start and Enable OpenVPN

bashCopy codesudo systemctl start openvpn@server
sudo systemctl enable openvpn@server

Step 9: Enable IP Forwarding

Edit /etc/sysctl.conf:

bashCopy codesudo nano /etc/sysctl.conf

Uncomment this line:

bashCopy codenet.ipv4.ip_forward=1

Save and exit, then apply the changes:

bashCopy codesudo sysctl -p

Step 10: Configure Client Devices

Transfer the necessary client keys (ca.crt, ta.key, client.crt, client.key) to your local devices. You can use an SFTP client like FileZilla for this.

Step 11: Connect to Your VPN

Use an OpenVPN client on your devices to connect to your VPS.

Congratulations! You've set up a VPN server on your VPS.

Please remember that this is a basic setup. Depending on your specific needs and security considerations, you may need to further customize your VPN configuration. Additionally, always ensure you're complying with all applicable laws and regulations when setting up and using a VPN.

Read next