Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon

Configure an OpenVPN Server and Client on Ubuntu

A virtual private network (VPN) provides a secure connection for users to access a private network remotely. This grants access to resources on the private network and prevents third parties from accessing sensitive information. In this hands-on lab, you will be tasked with configuring an OpenVPN server that includes a public key infrastructure (PKI) that is capable of receiving connections from an OpenVPN client.

Google Cloud Platform icon

Path Info

Clock icon Intermediate
Clock icon 30m
Clock icon Sep 20, 2022

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Configure the Public Key Infrastructure (PKI) on the OpenVPN Server Host

    • Install the openvpn and easy-rsa services.
    • Configure the certificate authority (CA). The common name should be openvpn-ca.
    • Create keys and certificates for the OpenVPN server and client. The server should be called vpnserver, and the client should be called vpnclient.
    • Sign certificates for the OpenVPN server and client.
    • Generate Diffie-Hellman parameters.
    • Copy the following files to /etc/openvpn: dh.pem, ca.crt, vpnserver.crt, and vpnserver.key.
    • Copy ca.crt, vpnclient.crt, and vpnclient.key to the /home/cloud_user directory on the OpenVPN client host (
  2. Challenge

    Configure the OpenVPN Server

    • Unzip usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz to /etc/openvpn. Ensure that the name of the file is vpnserver.conf.
    • Modify vpnserver.conf, and ensure that it correctly points to the following files: ca.crt, vpnserver.crt, vpnserver.key, and dh.pem.
    • Generate the TLS authentication key (ta.key) and copy it to the /home/cloud_user directory on the OpenVPN client.
    • Enable IPv4 forwarding.
    • Start and enable the openvpn service.
  3. Challenge

    Configure the OpenVPN Client

    • Install the openvpn service.
    • Copy /usr/share/doc/openvpn/examples/sample-config-files/client.conf as well as the certificates and keys in /home/cloud_user to /etc/openvpn.
    • Modify /etc/openvpn/client.conf and ensure that it does the following:
      • Points to the ca.crt, vpnclient.crt, vpnclient.key, and ta.key files
      • Includes the word client
      • Includes the correct IP address and port for the OpenVPN server
    • Start and enable the openvpn service.

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans