Private OpenVPN Server Installation for Secure VPN Access

Security and privacy are extremely important nowadays, so people are always in search of new ways to protect themselves while surfing the Internet.

A virtual private network (VPN) is one of the most common solutions used by companies and individuals to protect their connections and communications from cybersecurity threats with the help of strong encryption algorithms.

There are many commercial and even free services that offer VPN. However, the vast majority of them are using shared infrastructure, meaning that many customers are using the same encryption servers and IP addresses. Such an approach increases the risk of security breaches. Also, one fraud user can compromise the shared infrastructure and lead to blocking many IP addresses of the VPN service across popular public websites. In addition, the owners of the shared VPN services can potentially have access and analyze all your traffic. Thus a dedicated VPN server installation inside your own cloud environment provides a much higher level of security compared to the shared VPN services.

Below we describe how to establish a private and fully trusted VPN connection based on OpenVPN server software automatically installed inside Jelastic PaaS in order to cover the following use cases:

Within the article you’ll find out how to perform:

OpenVPN Server Software Installation

1. Sign in to the Jelastic account, open Marketplace and find the OpenVPN Access Server in the Dev & Admin Tools section.

2. Customize settings in the installation window:

If required, change the environment name and destination region. Finally, click on the Install.

3. Once the success installation window appears follow the Client UI URL to access the Admin Web Server to get the connection profiles or change OpenVPN Access Server parameters.

In case you have no OpenVPN client software installed, choose an appropriate one for your OS.

OpenVPN Client Software and Profiles

From the user panel:

VPN Connection

Follow the steps below to establish VPN connection:

1. Once client software is installed, download OpenVPN autologin profile to your device as file client.ovpn.

2. Import client.ovpn and invoke connection:

Once the file is imported choose a connect option like this:

3. Finally, the encrypted tunnel has been established to your cloud infrastructure and secure Internet connection through it as well.

VPN Tunnel Verification

Once the connection is established, proceed to the verification.

With the option of Secure Internet Access you can simply browse the Internet. And in case of the Secure Remote Access option, use the environment hostnames to reach the hosts in cloud LAN by their private IP addresses.

To do this let’s ping from the local computer two nodes that belong to the required environments, in our case these are DevOps Lab — GitLab Server and Kubernetes Cluster v1.18.10.

The nodes’ hostnames were resolved into respective private IP addresses and responded to the ping commands via VPN tunnel from the local user’s device.

Change VPN Access Mode

Despite the Access Mode was chosen upon VPN server installation you can change it at any time. Open the server Add-Ons tab.

Click on configuration button either to Change Mode and pick one required:

Here you can even Reset Password for the openvpn user account created by default.

OpenVPN Custom Domain SSL Certificate

If necessary, bind the custom domain to the Admin Web Server and issue a valid SSL certificate for it. To do this create an A record at your domain registrar using a public IP address that has been provisioned for VPN server node. Then click on the Configure button in Let’s Encrypt Free SSL add-on

and replace the platform domain, for example myvpn-gw.vip.jelastic.cloud

with a custom one for example vpn-gw.jele.website.

Right after successful certificate issuance open Admin Web Server UI using new domain name: https://vpn-gw.jele.website.

Now you know how to easily install OpenVPN Access Server and get secure on the Internet with Jelastic PaaS.

Multi-Cloud PaaS for Business and DevOps