Install Open VPN di ubuntu, cuma butuh 5 menit !

Beberapa hari ini saya akses website supplier di china dengan koneksi yang ada sangat lambat sekali dan bikin frustasi. Saya sudah gonta ganti provider, hasilnya sama saja, website supplier tidak bisa di akses dengan cepat. kemudian saya coba pakai VPN gratisan dengan server di singapore… website supplier bisa di akses dengan cepat (VPN gratisan…, kuenceng namun tidak stabil 🙂), jadi bisa di simpulkan kendala bukan ada di web server supplier, namun karena masalah jalur koneksi saja…

nah untuk menyiasati ini…, akhirnya mau nggak mau saya harus intall VPN di VPS pribadi agar koneksi berjalan stabil, dan kali ini pilihan installasi VPN jatuh ke OpenVPN. oh iya…, server VPN ini saya taruh di Digital Ocean yang ada di singapore.

Untuk proses installasi berjalan sangat mudah dan tidak memakan waktu lama. untuk langkah – langkah installasinya bisa di cek di bawah :

root@stokproduk:~# wget https://raw.githubusercontent.com/Angristan/OpenVPN-install/master/openvpn-install.sh

root@stokproduk:~# chmod +x openvpn-install.sh

root@stokproduk:~# ./openvpn-install.sh

Setelah menjalankan step di atas, maka akan muncul beberapa pertanyaan yang harus kita isi.

Welcome to the secure OpenVPN installer (github.com/Angristan/OpenVPN-install)

I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them

I need to know the IPv4 address of the network interface you want OpenVPN listening to.
If your server is running behind a NAT, (e.g. LowEndSpirit, Scaleway) leave the IP address as it is. (local/private IP)
Otherwise, it should be your public IPv4 address.
IP address: 45.32.113.226

What port do you want for OpenVPN?
Port: 1194

What protocol do you want for OpenVPN?
Unless UDP is blocked, you should not use TCP (unnecessarily slower)
Protocol [UDP/TCP]: UDP

What DNS do you want to use with the VPN?
1) Current system resolvers (from /etc/resolv.conf)
2) Cloudflare (Anycast: worldwide)
3) Quad9 (Anycast: worldwide)
4) FDN (France)
5) DNS.WATCH (Germany)
6) OpenDNS (Anycast: worldwide)
7) Google (Anycast: worldwide)
8) Yandex Basic (Russia)
9) AdGuard DNS (Russia)
DNS [1-9]: 1

See https://github.com/Angristan/OpenVPN-install#encryption to learn more about
the encryption in OpenVPN and the choices I made in this script.
Please note that all the choices proposed are secure (to a different degree)
and are still viable to date, unlike some default OpenVPN options

Choose which cipher you want to use for the data channel:
1) AES-128-CBC (fastest and sufficiently secure for everyone, recommended)
2) AES-192-CBC
3) AES-256-CBC
Alternatives to AES, use them only if you know what you’re doing.
They are relatively slower but as secure as AES.
4) CAMELLIA-128-CBC
5) CAMELLIA-192-CBC
6) CAMELLIA-256-CBC
7) SEED-CBC
Cipher [1-7]: 1

Choose what size of Diffie-Hellman key you want to use:
1) 2048 bits (fastest)
2) 3072 bits (recommended, best compromise)
3) 4096 bits (most secure)
DH key size [1-3]: 1

Choose what size of RSA key you want to use:
1) 2048 bits (fastest)
2) 3072 bits (recommended, best compromise)
3) 4096 bits (most secure)
RSA key size [1-3]: 1

Finally, tell me a name for the client certificate and configuration
Please, use one word only, no special characters
Client name: client

………+++

………+++

………+++

………+++

writing new private key to ‘/etc/openvpn/easy-rsa/pki/private/client.key.vqKHZUp6yC’
—–
Using configuration from ./openssl-easyrsa.cnf
Check that the request matches the signature
Signature ok
The Subject’s Distinguished Name is as follows
commonName :ASN.1 12:’client’
Certificate is to be certified until Aug 3 07:38:17 2028 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated

Note: using Easy-RSA configuration from: ./vars
Using configuration from ./openssl-easyrsa.cnf

An updated CRL has been created.
CRL file: /etc/openvpn/easy-rsa/pki/crl.pem

367
Synchronizing state of openvpn.service with SysV init with /lib/systemd/systemd-sysv-install…
Executing /lib/systemd/systemd-sysv-install enable openvpn

Finished!

Your client config is available at /root/client.ovpn
If you want to add more clients, you simply need to run this script another time!

 

Setelah proses konfigurasi di sisi server selesai, tinggal download file /root/client.ovpn dan import di OpenVPN Client.

Leave a Reply

Your email address will not be published. Required fields are marked *

1 × two =