In an increasingly connected world, privacy and security have become paramount. Setting up your own Virtual Private Network (VPN) service can provide an added layer of protection for your online activities. In this step-by-step guide, we will walk you through the process of creating your own VPN service using OpenVPN and Docker. By following these instructions, you'll have full control over your VPN, ensuring enhanced privacy and security.
Before getting started, ensure that you have the following:
- A server or virtual machine with Docker installed
- Basic command-line knowledge
- A public IP address or domain name for your server
**IMPORTANT** You will need to forward UDP port 1194 to your server.
Step 1: Install Docker
Begin by installing Docker on your server. Visit the official Docker website (https://www.docker.com/products/docker-desktop) and download the appropriate version for your operating system. Follow the installation instructions to complete the setup.
Step 2: Create a Docker Network
Open a terminal or command prompt and create a Docker network that will be used for the VPN connections. Enter the following command:
docker network create vpn-net
Step 3: Create an OpenVPN Configuration Directory
Create a directory on your server where you will store the OpenVPN configuration files. For example, let's create a directory called "openvpn-config":
mkdir openvpn-config
Step 4: Generate OpenVPN Server Configuration Files
Use the following command to generate the OpenVPN server configuration files:
docker run -v "$PWD/openvpn-config:/etc/openvpn" --log-driver=none --rm -it kylemanna/openvpn ovpn_genconfig -u udp://YOUR_SERVER_IP
Step 5: Initialize the OpenVPN Certificate Authority (CA)
Run the command below to initialize the OpenVPN certificate authority:
docker run -v "$PWD/openvpn-config:/etc/openvpn" --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki
You will be prompted to enter a passphrase for the CA key. Choose a strong passphrase and store it securely.
Step 6: Start the OpenVPN Server Container
To start the OpenVPN server container, execute the following command:
docker run -v "$PWD/openvpn-config:/etc/openvpn" -d -p 1194:1194/udp --cap-add=NET_ADMIN --restart=always --name=openvpn-server --net=vpn-net kylemanna/openvpn
We will now need to open UDP port 1194 on our server's firewall. The container only publishes 1194/udp, so the rule is limited to that protocol:
ufw allow 1194/udp
Step 7: Generate Client Configuration Files
Generate client configuration files for each VPN client by executing the following commands:
docker run -v "$PWD/openvpn-config:/etc/openvpn" --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full CLIENT_NAME nopass
docker run -v "$PWD/openvpn-config:/etc/openvpn" --log-driver=none --rm kylemanna/openvpn ovpn_getclient CLIENT_NAME > CLIENT_NAME.ovpn
Replace 'CLIENT_NAME' with a unique identifier for each client.
Step 8: Transfer Client Configuration Files
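Securely transfer the generated client configuration files (CLIENT_NAME.ovpn) to the respective client devices using a method such as secure copy (SCP) or encrypted email. Each file contains the client's private key, which the nopass option in Step 7 leaves unencrypted, so anyone who obtains the file can connect to the VPN.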
Step 9: Connect to the VPN
Install an OpenVPN client application, such as OpenVPN GUI for Windows or Tunnelblick for macOS, on the client device. Import the client configuration file (CLIENT_NAME.ovpn) into the client application and connect to the VPN.
By following these simple steps, you have successfully created your own VPN service using OpenVPN and Docker.
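A check to run on the server between Steps 7 and 8, as an added example that is not part of the original guide or of the kylemanna/openvpn image: it audits a generated profile for loose file permissions, an unencrypted embedded key, a missing `remote-cert-tls server` directive and an unexpected endpoint. The function names, the sample profile and its layout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of the kylemanna/openvpn image: audit a profile
# written by ovpn_getclient before it leaves the server.
# audit_ovpn FILE EXPECTED_HOST -> prints findings, returns 1 if there are any.
audit_ovpn() {
    a_file=$1; a_host=$2; a_rc=0
    [ -r "$a_file" ] || { echo "ERROR cannot read $a_file"; return 2; }
    # The '>' redirect in Step 7 creates the file under the default umask
    # (commonly 0644), yet it embeds the client's private key.
    if [ "$(ls -ld -- "$a_file" | cut -c5-10)" != "------" ]; then
        echo "PERMS group/other can access the file (chmod 600 it)"; a_rc=1
    fi
    # 'nopass' leaves the key unencrypted: holding the file is enough to connect.
    if grep -Eq -e 'BEGIN ENCRYPTED PRIVATE KEY|Proc-Type: 4,ENCRYPTED' "$a_file"; then
        :
    elif grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$a_file"; then
        echo "KEY unencrypted private key embedded (built with nopass)"; a_rc=1
    else
        echo "KEY no inline private key found"; a_rc=1
    fi
    # The client should only accept a certificate issued for server use.
    grep -Eq '^remote-cert-tls[[:space:]]+server' "$a_file" ||
        { echo "TLS 'remote-cert-tls server' is missing"; a_rc=1; }
    # The endpoint must be the one passed to ovpn_genconfig, on 1194/udp.
    awk -v h="$a_host" '$1=="remote" && $2==h && $3=="1194" && $4=="udp" {ok=1}
        END {exit !ok}' "$a_file" ||
        { echo "REMOTE no 'remote $a_host 1194 udp' line"; a_rc=1; }
    return "$a_rc"
}

# Constructed sample profile: placeholder key, layout assumed from the image's output.
make_sample() {
    cat > "$1" <<'EOF'
client
nobind
dev tun
remote-cert-tls server
remote vpn.example.test 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY
-----END PRIVATE KEY-----
</key>
EOF
}

# Run as: sh audit.sh CLIENT_NAME.ovpn YOUR_SERVER_IP
if [ "$#" -ge 2 ]; then audit_ovpn "$1" "$2"; fi
```

A profile built with nopass always reports the KEY finding; treat it as a reminder that the file itself is the credential.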