Manoj Kumar
- Nov 17, 2021
- 3 min read

How to Setup OpenVPN-AS in Ubuntu 20.04 - Google Cloud(GCP)

Updated: Jan 28

Prerequisites:

You will need the following items to complete this tutorial

A Compute Engine (VM) Instance up and running with Ubuntu 20.04 LTS.
Both Ingress and Egress Firewall rules.
Static IP Address for VM Instance.

Step - 1. Create a Compute Engine (VM) Instance.

Log in to Google cloud console, and click on the navigation menu. Also, scroll down over to the Compute Engine and choose VM instances.

OpenVPN GCP, Compute Engine - Instance Name, Region, Zone, Machine Family, Series, and Type

Next, click on "create instance" to launch a new virtual machine and type the instance name (For example, openvpn-access-server), then choose the region you prefer to launch VM instance, next choose the zone and machine family, series, type or leave those options to default.

OpenVPN setup GCP, Ubuntu 20.04 LTS Book Disk

Scroll down until you notice the boot disk, and click on change the boot disk, then select the operating system to Ubuntu and choose the version to 20.04 LTS also increase the disk size to 15 GB (if you prefer to or leave it as default) and click on "select " to finalize the boot disk.

OpenVPN Setup GCP, Compute Engine Networking, Network Tag, Hostname, and IP Forwarding

Scroll down to the bottom and click on the networking, disk, security, and management option to expand and expand the networking options and add a network tag. For example: op-firewall and a hostname (vpn.example.org). In the IP Forwarding section, Check Enable.

OpenVPN Setup GCP, Compute Engine, Static IP Address. External IP

Lastly, scroll down to the network interface, and expand the default field to edit network interfaces. Beneath the External IP, click on the drop-down and choose to create an IP address for the virtual machine instance.
Then scroll down to the bottom of the page and click on create to deploy the virtual machine instance.
Usually, virtual machine deployment takes a few seconds; Once it is complete, We can notice the status information of the virtual machine, such as name, zone, internal IP, External IP and so forth.

Step - 2. Create Firewall Rules.

Add Ingress firewall rules.

OpenVPN Setup GCP, Firewall Rules, TCP and UDP

Go to the Firewall rules page in the VPC network section in the Cloud Console.
Click Create a firewall rule.
On the Create a firewall rule page, enter a name and description.
In the Targets menu, select Specified target tags.
In the Target tags field, enter op-firewall (which is the name that you gave in the Network tags field in the previous section).
In the Source IP ranges field, enter 0.0.0.0/0.
In the Protocols and ports section, select Specified protocols and ports.
Select TCP and enter the following: 22,443,943,945
Select UDP and enter the following: 1194
Click Create.

Add Egress firewall rules

Go to the Firewall rules page in the VPC network section in the Cloud Console.
Click Create a firewall rule.
On the Create a firewall rule page, enter a name and description.
In the Direction of Traffic, choose Egress.
In the Targets menu, select Specified target tags.
In the Target tags field, enter op-firewall (which is the name that you gave in the Network tags field in the previous section).
In the Destination IP ranges field, enter 0.0.0.0/0.
In the Protocols and ports section, select Allow all.
Click Create.

Step -3. Install Dependencies for OpenVPN Access Server.

Navigate to the virtual machine instances interface, and click on the VM instance (OpenVPN server) SSH option to launch the secure shell access and type "sudo su -" and hit enter to switch to root user.

Install Dependencies:

Update and install CA, Net-tools and GnuPG.

apt update && apt -y install ca-certificates wget net-tools gnupg

Import Public Key

wget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -

Then, as root, create a sources.list fragment so that apt can find the new OpenVPN packages.

echo "deb http://as-repository.openvpn.net/as/debian focal main">/etc/apt/sources.list.d/openvpn-as-repo.list

Step - 4. Install OpenVPN Access Server.

Run the following command to install OpenVPN.

apt update && apt -y install openvpn-as

Output

Please enter "passwd openvpn" to set the initial
administrative password, then login as "openvpn" to continue
configuration here: https://10.128.0.4:943/admin
To reconfigure manually, use the /usr/local/openvpn_as/bin/ovpn-init tool.
+++++++++++++++++++++++++++++++++++++++++++++++
Access Server 2.9.6 has been successfully installed in /usr/local/openvpn_as
Configuration log file has been written to /usr/local/openvpn_as/init.log
Access Server Web UIs are available here:
Admin  UI: https://10.128.0.4:943/admin
Client UI: https://10.128.0.4:943/
+++++++++++++++++++++++++++++++++++++++++++++++
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...

To Access Server Web User Interface
Admin UI:
https://VM-External-IP:943/admin or https://VM-External-IP/admin
Client UI:
https://VM-External-IP/?src=connect

Conclusion:

Here are some more setup options that are recommended.

OpenVPN Connect for Windows.

How to Setup OpenVPN-AS in Ubuntu 20.04 - Google Cloud(GCP)

Prerequisites:

Step - 1. Create a Compute Engine (VM) Instance.

Step - 2. Create Firewall Rules.

Add Ingress firewall rules.

Add Egress firewall rules

Step -3. Install Dependencies for OpenVPN Access Server.

Step - 4. Install OpenVPN Access Server.

Recent Posts

Do you need assistance? Visit Forum to join the conversation.