Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
  • Labs icon Lab
  • Cloud
Google Cloud Platform icon
Labs

Configure an OpenVPN Server and Client on Ubuntu

A virtual private network (VPN) provides a secure connection for users to access a private network remotely. This grants access to resources on the private network and prevents third parties from accessing sensitive information. In this hands-on lab, you will be tasked with configuring an OpenVPN server that includes a public key infrastructure (PKI) that is capable of receiving connections from an OpenVPN client.

Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Intermediate
Duration
Clock icon 30m
Last updated
Clock icon Sep 01, 2025

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Configure the Public Key Infrastructure (PKI) on the OpenVPN Server Host

    • Install the openvpn and easy-rsa services.
    • Configure the certificate authority (CA). The common name should be openvpn-ca.
    • Create keys and certificates for the OpenVPN server and client. The server should be called vpnserver, and the client should be called vpnclient.
    • Sign certificates for the OpenVPN server and client.
    • Generate Diffie-Hellman parameters.
    • Copy the following files to /etc/openvpn: dh.pem, ca.crt, vpnserver.crt, and vpnserver.key.
    • Copy ca.crt, vpnclient.crt, and vpnclient.key to the /home/cloud_user directory on the OpenVPN client host (10.0.1.102).
  2. Challenge

    Configure the OpenVPN Server

    • Unzip usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz to /etc/openvpn. Ensure that the name of the file is vpnserver.conf.
    • Modify vpnserver.conf, and ensure that it correctly points to the following files: ca.crt, vpnserver.crt, vpnserver.key, and dh.pem.
    • Generate the TLS authentication key (ta.key) and copy it to the /home/cloud_user directory on the OpenVPN client.
    • Enable IPv4 forwarding.
    • Start and enable the openvpn service.
  3. Challenge

    Configure the OpenVPN Client

    • Install the openvpn service.
    • Copy /usr/share/doc/openvpn/examples/sample-config-files/client.conf as well as the certificates and keys in /home/cloud_user to /etc/openvpn.
    • Modify /etc/openvpn/client.conf and ensure that it does the following:
      • Points to the ca.crt, vpnclient.crt, vpnclient.key, and ta.key files
      • Includes the word client
      • Includes the correct IP address and port for the OpenVPN server
    • Start and enable the openvpn service.

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.