It’s good to know that; You can use any different VPS connections to have your Private VPN server and change your VPS server to a VPN server; but, our suggested operating systems to create a VPN server, will be Centos 7 and ubuntu 20.
Note that in this tutorial, we will have a VPN Server connection available using OpenVPN, One of the key benefits of OpenVPN, in addition to being free, is its stable and permanent connection. The second noticeable point is using the same commands for both virtual servers; According to this subject, you can simply use both VPS servers to create a VPN connection.
Prerequisites
To establish a VPN connection using a VPS Server, first, we need to have the necessary prerequisites and then create our VPN connection.
Note: Some prerequisites can be used after completing the OpenVPN installation and activating the license.
1. WinSCP
What is WinSCP used for;
According to WinSCP.net: SCP software is an open-source free SFTP client, FTP client, WebDAV client, S3 client, and SCP client for Windows. Its main function is file transfer between a local and a remote computer. Beyond this, WinSCP offers scripting and basic file manager functionality.
At simple introduction; WinSCP is software that is used to transfer data or download the required files from a Linux VPS into the PC or main system.
Access the following link: https://winscp.net/eng/download.php, to download WinSCP software.
2. OpenVPN
It is currently the most popular protocol that is used as a VPN, OpenVPN typically uses two protocols, UDP and TCP, to establish a VPN connection.
OpenVPN is used in Open-Source mode; One of the advantages of open-source software is that it makes its structure available to everyone so that security vulnerabilities can be examined and resolved by different people.
Security Note: When you connect to a VPN, using the OpenVPN protocol, your data is secured behind strong encryption.
Access the following link: https://openvpn.net/community-downloads/, to download OpenVPN software.
3. Putty
You must use putty software to connect and log in to the server. Putty software is client-side software. This means that a server must exist at the network level for the software to connect to it. Our server is the same SSH service currently running on our server, and if the server is down or the SSH service is not running properly, we will not be able to connect to the server via the SSH protocol.
Download Putty: By clicking on the following link: https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html you can download Putty Software.
Note: You can click on the: How to connect to a Linux VPS using putty to start the prerequisite installation
Now we can turn a VPS into a VPN server.
Here, We Are Ready To Create VPN Server Connection Using VPS
- Create a directory of OpenVPN
- Downloading OpenVPN via script
- Installing OpenVPN client profile from the server
- Testing VPN Connection from Client that We create using a VPS server
Command-Line Installation
mkdir /OpenVPN
cd /OpenVPN/
As you can see in the image above, enter the above commands in the putty to automatically create an OpenVPN folder to download the OpenVPN installation files.
We will use the below command:
wget https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
The output of the command should now match the image you see.
We can use the below commands:
chmod +x openvpn-install.sh./openvpn-install.shNote: The first command will be applied automatically after entering it.
Note: After entering the second command, you will encounter an IP address; Hold it by default and then press Enter.
In the following, you will see the necessary questions to change the default settings.
– Questions and prompts
– Do you want to enable IPv6 support (NAT)? n
: No
– What port do you want OpenVPN to listen to? Port choice [1-3]: 1
1) Default: 1194
2) Custom
3) Random [49152-65535]
: 1
– What protocol do you want OpenVPN to use? Protocol [1-2]: 1
UDP is faster.
1) UDP
2) TCP
: 1
– What DNS resolvers do you want to use with the VPN? DNS [1-12]: 9
1) Current system resolvers (from /etc/resolv.conf)
2) Self-hosted DNS Resolver (Unbound)
3) Cloudflare (Anycast: worldwide)
4) Quad9 (Anycast: worldwide)
5) Quad9 uncensored (Anycast: worldwide)
6) FDN (France)
7) DNS.WATCH (Germany)
8) OpenDNS (Anycast: worldwide)
9) Google (Anycast: worldwide)
10) Yandex Basic (Russia)
11) AdGuard DNS (Anycast: worldwide)
12) NextDNS (Anycast: worldwide)
13) Custom
: Better choose DNS google
– Do you want to use compression? n
: No
– Do you want to customize encryption settings? y
: Yes
– Choose which cipher you want to use for the data channel: 1
1) AES-128-GCM (recommended)
2) AES-192-GCM
3) AES-256-GCM
4) AES-128-CBC
5) AES-192-CBC
6) AES-256-CBC
: 1
– Choose what kind of certificate you want to use: 1
1) ECDSA (recommended)
2) RSA
: 1
– Choose which curve you want to use for the certificate’s key: 1
1) prime256v1 (recommended)
2) secp384r1
3) secp521r1
: 1
– Choose which cipher you want to use for the control channel: 1
1) ECDHE-ECDSA-AES-128-GCM-SHA256 (recommended)
2) ECDHE-ECDSA-AES-256-GCM-SHA384
: 1
– Choose what kind of Diffie-Hellman key you want to use: 1
1) ECDH (recommended)
2) DH
: 1
– Choose which curve you want to use for the ECDH key: 1
1) prime256v1 (recommended)
2) secp384r1
3) secp521r1
: 1
– Which digest algorithm do you want to use for HMAC? 1
1) SHA-256 (recommended)
2) SHA-384
3) SHA-512
: 1
– You can add an additional layer of security to the control channel with tls-auth and tls-crypt
tls-auth authenticates the packets, while tls-crypt authenticate and encrypt them: 1
Note: It means adding an additional layer of the security that you want.
1) tls-crypt (recommended)
2) tls-auth
: 1
After answering the questions, it is necessary to press one of the keys to continue the installation process…
As you can see; Here we need to create a username for the client: e.g. OperaVPS
We will face a question again that will ask us:
– Do you want to protect the configuration file with a password? 1
(e.g. encrypt the private key with a password)
1) Add a passwordless client
2) Use a password for the client
: 1
After answering the question;
Now that the OpenVPN client we created is added to the server and ready for a connection test.
::: Installation Complete
Testing VPN Connection Using WinSCP
Step 1: let’s log in to the Linux Server as a GUI environment using WinSCP to have access to the OperaVPS Client profile:
Note: When you enter the software; You will see the client profile created on the Centos server, on the right side of the WinSCP software.
Step 2: We are going to download the file from the Linux server that you connected on it, into the Windows desktop:
How to Download created client in server?
::: Right-click on the Client file and click on the download button to download it to the desktop.
Step 3: Now need to run the OpenVPN software to import the downloaded file:
Note: By referring to the running software in the taskbar and right-clicking on the icon related to OpenVPN, then selecting the Import option, you can enter the downloaded client file to create a VPN in OpenVPN software.
Step 4: Click on the OpenVPN icon again and select the Connect option to test the VPN.
After connecting, we can see the icon of OpenVPN changes to the green icon:
::: VPN Connection Successfully
SUMMARY
Remember, When running OpenVPN GUI on Windows Vista or Windows 7, please note that UAC (User Account Control) is enabled by default, If not: Then you need to use the Run as administrator option to properly connect with OpenVPN GUI.
At The End…
I hope this tutorial has been useful for you and your problems regarding VPN connection and also create VPN server problems that have been solved to a considerable extent. If you have any problems in the VPN installation process or have any questions about this, you can contact us in the Comment section at the bottom.
