Knowledge Base

How to install OpenVPN using the A2 QuickInstaller

This article describes how to use the A2 QuickInstaller to install an OpenVPN server and configure client connections.

The A2 QuickInstaller is no longer supported, and is only available on older VPS hosting packages. On newer VPS hosting packages, you can use Webuzo to quickly and easily install a wide range of applications and manage your server.

To check if the A2 QuickInstaller supports this application for your Linux distribution, please see this article.

OpenVPN uses the TUN/TAP virtual network devices, which by default are not enabled on your server. Please submit a ticket at my.a2hosting.com to request this feature. You can install OpenVPN in the meantime, but it will not function correctly until TUN/TAP is enabled.

Installing the OpenVPN server

This procedure installs the OpenVPN server and builds the certificates for one client.

To install OpenVPN, follow these steps:

  1. Use SSH to log in to your system as the root user.
    To use the A2 QuickInstaller, you must log in as the root user using SSH. You cannot use the serial console in the VPS Control Panel to run the A2 QuickInstaller.
  2. To start the A2 QuickInstaller, type the following command, and then press ENTER:
    sh /usr/sbin/quickinstaller.sh
  3. Under Application Installers, type the option number for Miscellaneous, and then press ENTER.
  4. On the Miscellaneous Menu, type the option number for Openvpn, and then press ENTER. The A2 QuickInstaller updates your system, and then begins the installation process.
    The installation process takes some time to complete. Do not interrupt the installation process.
  5. A reminder about TUN/TAP appears. If you have not opened a ticket at my.a2hosting.com requesting TUN/TAP activation, please do so now. You can continue with the installation, but OpenVPN will not function correctly until TUN/TAP is enabled.
  6. Press ENTER.
  7. Type 1 to set up a new OpenVPN server and one client, and then press ENTER.
  8. Type the OpenVPN server port number, and then press ENTER.
    The official OpenVPN port number is 1194.
  9. Type a username for the client, and then press ENTER.
  10. The installation process builds a Certificate Authority (CA) certificate. Type the appropriate values for your organization when you are prompted.
  11. The installation process builds a Server certificate. Type the appropriate values for your organization when you are prompted.
  12. Review the certificate settings. At the Sign the certificate? prompt, type y.
  13. Type y again to commit the certificate requests. The installation process starts OpenVPN and configures firewall rules.
  14. The installation process builds a client certificate for the client username you specified in step 9. Type the appropriate values for your organization when you are prompted.
  15. Review the certificate settings. At the Sign the certificate? prompt, type y.
  16. Type y again to commit the certificate requests. 
  17. When installation is complete, the A2 QuickInstaller provides information about the OpenVPN configuration on your system.

Connecting to the OpenVPN server

How you connect to the OpenVPN server depends on which operating system your client computer runs.

Microsoft Windows operating systems

To connect to the OpenVPN server using a Microsoft Windows operating system, follow these steps:

  1. Use an SCP, SFTP, or FTP client, such as WinSCP, to download the /etc/openvpn/keys/<user>-keys.tgz file from the server to the client.
  2. Extract the contents of the <user>-keys.tgz file. The <user>-keys.tgz file contains certificate files and the <user>.ovpn client configuration file.
  3. There are several client VPN applications available for Windows systems. Consult the documentation for your VPN client to determine how to connect to an OpenVPN server using the <user>.ovpn configuration file.
Apple Mac OS X operating systems

To connect to the OpenVPN server using an Apple Max OS X operating system, follow these steps:

  1. Use an SCP, SFTP, or FTP client to download the /etc/openvpn/keys/<user>-keys.tgz file from the server to the client.
  2. Extract the contents of the <user>-keys.tgz file. The <user>-keys.tgz file contains certificate files and the <user>.ovpn client configuration file.
  3. There are several client VPN applications available for Mac OS X systems. Consult the documentation for your VPN client to determine how to connect to an OpenVPN server using the <user>.ovpn configuration file.
Linux operating systems
The client computer must have the openvpn package installed in order to connect to an OpenVPN server. Consult the documentation for your Linux distribution if you need more information about how to install the openvpn package.

To connect to the OpenVPN server using a Linux-based operating system, follow these steps:

  1. At the command line on the client computer, type the following command to create a directory for the client files:
    mkdir ~/openvpn
  2. Use SCP, SFTP, or FTP to download the /etc/openvpn/keys/<user>-keys.tgz file from the server to the client, where <user> represents the client name .
  3. Type the following comand to extract the contents of the <user>-keys.tgz file:

    tar xzf <user>-keys.tgz
  4. To start the VPN client from the command line, type the following command:

    openvpn <user>.ovpn

Adding additional OpenVPN clients

The OpenVPN server installation process sets up certificates for one client. If you want to add additional clients that can access the OpenVPN server, you must configure certificates for them as well.

To add additional OpenVPN clients, follow these steps:

  1. Use SSH to log in to your system as the root user.
    To use the A2 QuickInstaller, you must log in as the root user using SSH. You cannot use the serial console in the VPS Control Panel to run the A2 QuickInstaller.
  2. To start the A2 QuickInstaller, type the following command, and then press ENTER:
    sh /usr/sbin/quickinstaller.sh
  3. Type y to continue, and then press ENTER.
  4. Under Application Installers, type the option number for Miscellaneous, and then press ENTER.
  5. On the Miscellaneous Menu, type the option number for Openvpn, and then press ENTER.
  6. A reminder about TUN/TAP appears. Press ENTER.
  7. Type 2 to create additional clients, and then press ENTER.
  8. Type a username for the client, and then press ENTER.
  9. Type the appropriate values for your organization when you are prompted.
  10. Review the certificate settings. At the Sign the certificate? prompt, type y.
  11. Type y again to commit the certificate request. The A2 QuickInstaller saves the client files in the /etc/openvpn/keys/<user>-keys.tgz file, where <user> represents the client name that you specified in step 8.

More Information

To view the online documentation for OpenVPN, please visit http://openvpn.net/index.php/open-source/documentation/howto.html.