Now Trending:
Home
How to Install OpenVPN Server on Debian VPS

How to Install OpenVPN Server on Debian VPS

May 10, 2025

By someone who’s broken a few VPNs and finally figured it out the chill way

If you want to protect your online data, one good option is using a VPN. A VPN (short for Virtual Private Network) creates a secure tunnel between your device and the internet. It hides your IP address and keeps your internet traffic private. This is helpful when using public Wi-Fi or when you just want to keep things to yourself (no snooping allowed).

In this post, I’ll walk you through how to set up your own OpenVPN server on a Debian VPS. I’ll use simple words, short steps, and I’ll throw in a few puns for fun. If you’ve never done this before, don’t worry—I’ll explain every new term. If you’ve done this before, maybe you’ll pick up a new trick or two. Or at least a laugh.

What Is OpenVPN?

OpenVPN is free software that lets you create your own VPN server. It uses strong encryption (a way to lock your data with a secret key) so no one can read your stuff unless they have the key.

Why choose OpenVPN?

  • It’s open-source (anyone can look at the code).
  • It works on many devices.
  • It’s flexible and powerful.

Compared to other VPN tools like WireGuard or IPsec, OpenVPN might be a bit slower but it’s very stable and trusted. It’s like the steady old minivan—not flashy, but it gets the job done.

What You’ll Need Before You Begin

Before we dive in, here’s what you need to get started:

  • A Debian VPS (Debian 10 or newer works fine)
  • Root access or sudo privileges
  • An internet connection
  • A little patience and coffee (or tea, or soda—I don’t judge)

Step 1: Update Your Server

First things first. Let’s make sure your system is up to date.

Open your terminal and type:

sudo apt update && sudo apt upgrade -y

This makes sure all the software on your server is fresh. It also prevents weird errors later. Think of it like brushing your teeth before eating garlic—it’s just good practice.

Step 2: Install Required Packages

We need a few packages to get started.

sudo apt install curl wget gnupg2 ca-certificates lsb-release -y

Let me explain those:

  • curl and wget: Tools to download files
  • gnupg2: Used for handling keys
  • ca-certificates: Helps verify secure websites
  • lsb-release: Gives info about your Linux version

These are like the tools in your toolbox. Without them, you’ll have a hard time building anything.

Step 3: Use a Script to Install OpenVPN (the Easy Way)

Now, instead of installing everything piece by piece, we’ll use a script. This script does the hard work for us.

Run this command:

curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh

Then make the script executable:

chmod +x openvpn-install.sh

And finally, run it:

sudo ./openvpn-install.sh

The script will ask you a few questions, like:

  • What IP address to use (it usually picks the right one)
  • What port you want OpenVPN to run on (default 1194 is fine)
  • Which DNS server you prefer (you can choose Google, Cloudflare, or others)
  • Client name (this will be the name of your first VPN user)

Once you answer all of those, it will install everything for you. Sit back and let the magic happen.

Step 4: Generate Client Configuration File

After the script finishes, it will create a file like yourname.ovpn. This file is your key to the VPN. It includes all the settings your device needs to connect securely.

You can download the file using:

scp yourname.ovpn username@your-computer:/path/to/save

Or if you’re lazy like me and using a tool like WinSCP or FileZilla, just drag and drop it.

Keep this file safe. It’s like your house key. You don’t want it falling into the wrong hands.

Step 5: Connect from Your Device

Now you need to connect to your VPN using the file you just downloaded.

On Windows:

  • Download OpenVPN GUI
  • Install it
  • Move the .ovpn file into the config folder
  • Right-click the app and choose “Connect”

On Android:

  • Install the OpenVPN for Android app
  • Import the .ovpn file
  • Tap “Connect”

On Linux or macOS:

You can use the terminal:

sudo openvpn --config yourname.ovpn

Boom. You’re connected.

List #1: Benefits of Having Your Own OpenVPN Server

Why would you run your own VPN when you could just buy one?

  • Privacy – You control the server
  • No monthly fee – Just pay for the VPS
  • Better trust – No shady VPN company watching your traffic
  • Learning – You get smarter every time you set something up

Also, it just feels cool. Like you’ve got your own private internet clubhouse.

Step 6: Add More Users Later

Let’s say you want to give your friend a VPN too. Just run the script again:

sudo ./openvpn-install.sh

Choose the option to add a new user. It’ll make a new .ovpn file. Easy peasy.

Step 7: Enable Auto-Start on Reboot

You don’t want your VPN to go offline after a server reboot. To make sure it always starts:

sudo systemctl enable openvpn@server

Or, depending on how your install is set up:

sudo systemctl enable openvpn

This tells your VPS to start OpenVPN whenever it boots up. Like a dog that always wakes up before you do. Loyal and ready.

Step 8: Harden Your VPN Server (Make It Stronger)

You’ve got it running. Now let’s make it safer.

Use UFW Firewall

sudo apt install ufw -y

Allow only SSH and OpenVPN:

sudo ufw allow OpenSSH
sudo ufw allow 1194/udp
sudo ufw enable

Disable Root Login (optional but good)

Edit your SSH config:

sudo nano /etc/ssh/sshd_config

Find PermitRootLogin yes and change it to:

PermitRootLogin no

Save and restart:

sudo systemctl restart ssh

That helps keep hackers out. Root is like the king of the castle—you don’t want just anyone wearing the crown.

List #2: Troubleshooting Tips

If things don’t go as planned (they never do), here are some quick checks:

  • Can’t connect? Make sure port 1194 is open.
  • Client says “waiting for server”? Check your firewall.
  • Still not working? Reboot your server and try again.

Also check logs:

sudo journalctl -u openvpn

Reading logs might feel like decoding alien language, but they’re your best clues.

List #3: Alternatives to OpenVPN

If OpenVPN isn’t your thing, there are other tools:

  • WireGuard – Faster and newer, but less flexible
  • SoftEther – Good for bypassing firewalls, but harder to set up
  • IPsec/L2TP – Often used on mobile, but trickier and less secure

Personally, I stick with OpenVPN because it works almost everywhere and I know how to fix it when things break. But it’s your call.

Final Thoughts (And a VPN Joke)

Setting up OpenVPN on Debian might feel tricky the first time, but once you do it, it’s smooth sailing. I remember messing it up the first few times—firewall this, routing that. But now? It’s like making toast.

And before I go, here’s a geeky VPN pun for your day:

Why did the packet cross the VPN tunnel?
To get to the secure side.

Tweet

Related Posts

Leave a Reply