Setting up a Virtual Private Network (VPN) server can add an extra layer of security to your internet connection. This comprehensive tutorial will guide you step-by-step on how to configure a secure VPN server on Ubuntu Server 23.04, using two robust technologies – OpenVPN and WireGuard. Both of these open-source software offer secure and private access to your network resources, irrespective of your location.
Please note: This guide is written for Ubuntu Server 23.04 LTS. Make sure you have the necessary privileges to install and configure network services on your Ubuntu Server.
Guide for Configuring a VPN server on Ubuntu
Pre-requisites
Before we start, ensure that you have:
- An Ubuntu 23.04 LTS Server installed and running
- Sudo or root access to your server
- Basic knowledge of Linux commands
Update your Ubuntu Server
Firstly, always ensure that your Ubuntu Server is up-to-date. You can do this by running the following commands:
sudo apt update
sudo apt upgrade
Setting Up OpenVPN Server
We will first cover setting up an OpenVPN server.
Install OpenVPN
Install OpenVPN by running the following command:
sudo apt install openvpn
Generate OpenVPN Server Configuration
You can generate the OpenVPN server configuration using the ‘sample-config-files’ directory. Copy it to ‘/etc/openvpn’.
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
sudo gzip -d /etc/openvpn/server.conf.gz
Configure OpenVPN Server
Edit the OpenVPN server configuration:
sudo nano /etc/openvpn/server.conf
Modify the ‘dh’ parameter to use the ‘dh.pem’ file:
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key 0
crl-verify crl.pem
ca ca.crt
cert server.crt
key server.key
Start and Enable OpenVPN Service
To start and enable OpenVPN service, run the following commands:
sudo systemctl start openvpn@server
sudo systemctl enable openvpn@server
Setting Up WireGuard Server
Install WireGuard
You can install WireGuard from the Ubuntu repository:
sudo apt install wireguard
Generate WireGuard Server Configuration
First, generate the private and public keys:
wg genkey | sudo tee /etc/wireguard/privatekey | wg pubkey | sudo tee /etc/wireguard/publickey
Create a WireGuard configuration file:
sudo nano /etc/wireguard/wg0.conf
Configure the WireGuard server in the ‘wg0.conf’ file:
[Interface]
PrivateKey = <Your Private Key>
Address = 10.0.0.1/24
ListenPort = 51820
Enable and Start WireGuard Service
To enable and start the WireGuard service, run:
sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
Conclusion on Installing a VPN Server on Ubuntu
Congratulations! You’ve just set up a secure VPN server on your Ubuntu Server using both OpenVPN and WireGuard technologies. Remember, you can connect to this server using a VPN client that supports the technology you’ve chosen for your server.
Related Articles
