Remote Access VPN To Work From Home Using OpenVPN Access Server
What is a Remote Access VPN?
For remote workers to connect to their Office|Firm|Business|Company resources, Companies use Remote Access VPN which establishes safe access to company resources over the Internet. Once secure remote access is established, employees are able to access their company resources just as if their devices were physically plugged in at the office. It secures users’ traffic by using industry-standard security and encryption protocols.
Deployment Scheme
The deployment scheme consists of installing OpenVPN Access Server on Ubuntu 18.0.4 LTS server, TCP and UDP ports will be forwarded later we will finalize the deployment through using GUI (Graphical User Interface) and CLI (Command-Line Interface).
Remote Access VPN Software
For Remote access VPN deployment purposes, we will use OpenVPN Access Server Software. It is based on OpenVPN which is an open-source commercial[11] software that implements virtual private network (VPN) techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. OpenVPN Access Server is a complete package containing all the installation and configuration tools with downloadable client software.
Remote Access VPN Server Installation
Now spin up your Ubuntu server 18.0.4 LTS using a physical server or a Virtual Machine. Assuming that you logged in then take the root access of the Ubuntu Server. Once you have the root access type in the following commands and start building your remote access VPN server as follows:
apt update && apt -y install ca-certificates wget net-tools gnupg
wget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -
echo "deb http://as-repository.openvpn.net/as/debian bionic main">/etc/apt/sources.list.d/openvpn-as-repo.list
apt update && apt -y install openvpn-as
Have a good look on the screen, after pasting, for errors if there are none then your screen would look similar to this one.
and if not you can always type a comment for further help or you can look for the forums. Now reboot your server by typing reboot.
Setting Up Admin Password
Now let’s create a password for Administrator, by default “openvpn” is the username for Admin Account. For this take the root access and Type:
#For root access
sudo su
#Set password for the Admin user
passwd openvpn
Once you enter this command it will ask for a new password. Enter the new password and save it somewhere safe.
Now reboot your server by typing :
reboot
Port-Forwarding
For remote workers to connect to our Remote Access VPN server we need to forward or expose some ports to the internet and disable the rest. you need to forward these UDP and TCP ports on your router or firewall.
UDP:1194
TCP:443,943,945
Once ports are properly forwarded remote workers will be able to connect to our VPN Server.
Reference: The same Installation method can be applied if you are planning to make your own VPN on any Cloud Hosting.
Creating a User Account
Take access to your VPN Server locally by typing :
Enter your Admin Account Credentials.
Once correctly entered the following page will show up:
If you want more than 2 users access then you will be needing the activation key just insert the activation key or ignore it if you want to use it for up to 2 users.
Let’s create a User Account for this click the USER MANAGEMENT tab and then click User Permissions as shown below.
The figure shows creating a user with the username user1 make sure you check the Allow-Auto login check box this will allow you to auto-download Openconnect Client with OVPN Client Profile for any Operating system for instance Windows/IOS/Linux/Android. After this click More Settings and set a user password in the password field. Now click the Save Settings button and then click the Update Running Server button.
DNS Settings for remote users
You need to auto-assign DNS settings to the remote user for this go to the CONFIGURATION tab and then click VpnSettings scroll down and reach DNS Settings select YES for Have clients use specific DNS servers and then add the following DNS Server IP addresses as shown in the figure.
Here you can use any DNS servers for your remote users. A good choice will also be OpenDNS servers for added safety, so choose as you like. After this Click Save Settings and then click Update Running Server Settings this will conclude DNS settings.
Network Settings for Remote Access VPN Server
Use Your Static Public IP which is given by your ISP if not already given then do ask your ISP for One. In this article, it is assumed that you own at least one Public Static Ip Address, if you cannot get One then give a readout to these posts.
Public Ip Alternate |Dynamic DNS
Using Cloud IP in absence of a Public static IP
Assuming that you have a public IP then you need to go to Network Setting under the CONFIGURATION tab.
Add your Public IP as shown in the figure.
Save it and Update the Server and then Logout.
Downloading Client Software
Now it’s time to download the VPN client for the users, which is called openconnect. Now Type:
https://Server_Local_IP
Hit Enter and then do the following :
- A Login Page will open, type in your previously created user name and password and press submit.
- Now download the openvpn connect client for the desired platform and also download the OVPN Client Profile.
- Once downloaded run the openconnect client and Open the OVPN Profile then this will ask for Import Profile.
- Import the user profile and add your username and password and finally click connect.
Verify Reachability
Once Connected Use a PC independent of your Network for example you can use your 4G internet cell phone and then type in the internet browser window.
https://Public_IP_of_Your_Server
Download the client and type in the username and password for the previously created user and then connect.
Once connected ping google DNS at 8.8.8.8 and then type on the browser window what is my IP the site should be showing your Remote Access VPN Server Public IP and this completes the Setup.
If you are done with remote access VPN, then you may be concerned about its security, that is it safe to use OpenVPN? or you may look to set up an openvpn server on a cloud, and for this, you may be interested in the related topics.
Next To Read: