How to Install & Connect OpenVPN Client on Ubuntu

Assuming one of your client want to secure connection to their server. The client has configured OpenVPN server on their network and provided you client configuration file. In that case you only need to install OpenVPN client application to your system and connect to remote vpn network.

This tutorial will help you to install OpenVPN client software and connect to remote vpn network.

Prerequisites

• You must have running OpenVPN server on remote
• Must have OpenVPN client configuration file

Step 1 – Install OpenVPN Client

First of all, log in to your client machine and install the OpenVPN package with the following command:

sudo apt update
sudo apt install openvpn -y

Step 2 – Connect to OpenVPN Server

Copy your client configuration file on the machine and run the following command to connect to the OpenVPN server:

openvpn --config client.ovpn

You should see the following output:

Sat Feb 29 15:39:18 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]69.87.218.145:1194
Sat Feb 29 15:39:18 2020 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat Feb 29 15:39:18 2020 UDP link local: (not bound)
Sat Feb 29 15:39:18 2020 UDP link remote: [AF_INET]69.87.218.145:1194
Sat Feb 29 15:39:18 2020 TLS: Initial packet from [AF_INET]69.87.218.145:1194, sid=6d27e1cb 524bd8cd
Sat Feb 29 15:39:18 2020 VERIFY OK: depth=1, CN=Easy-RSA CA
Sat Feb 29 15:39:18 2020 VERIFY OK: depth=0, CN=tecadmin-server
Sat Feb 29 15:39:18 2020 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Sat Feb 29 15:39:18 2020 [tecadmin-server] Peer Connection Initiated with [AF_INET]69.87.218.145:1194
Sat Feb 29 15:39:19 2020 SENT CONTROL [tecadmin-server]: 'PUSH_REQUEST' (status=1)
Sat Feb 29 15:39:19 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 20,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Sat Feb 29 15:39:19 2020 OPTIONS IMPORT: timers and/or timeouts modified
Sat Feb 29 15:39:19 2020 OPTIONS IMPORT: --ifconfig/up options modified
Sat Feb 29 15:39:19 2020 OPTIONS IMPORT: route options modified

Step 3 – Verify Connection

After a successfull connection, OpenVPN will assign an IP address to your system. You can check it with the following command:

ip a show tun0

Output:

4: tun0:  mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/none 
    inet 10.8.0.6 peer 10.8.0.5/32 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::7226:57b1:f101:313b/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

You can also check the OpenVPN server log to verify the connection status:

tail -f /var/log/openvpn.log 

You should see the following output:

Fri Feb 21 15:39:18 2020 45.58.34.83:37445 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Fri Feb 21 15:39:18 2020 45.58.34.83:37445 [client] Peer Connection Initiated with [AF_INET]45.58.34.83:37445
Fri Feb 21 15:39:18 2020 client/45.58.34.83:37445 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Feb 21 15:39:18 2020 client/45.58.34.83:37445 MULTI: Learn: 10.8.0.6 -> client/45.58.34.83:37445
Fri Feb 21 15:39:18 2020 client/45.58.34.83:37445 MULTI: primary virtual IP for client/45.58.34.83:37445: 10.8.0.6
Fri Feb 21 15:39:19 2020 client/45.58.34.83:37445 PUSH: Received control message: 'PUSH_REQUEST'
Fri Feb 21 15:39:19 2020 client/45.58.34.83:37445 SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 20,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Feb 21 15:39:19 2020 client/45.58.34.83:37445 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Feb 21 15:39:19 2020 client/45.58.34.83:37445 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Feb 21 15:39:19 2020 client/45.58.34.83:37445 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key

Conclusion

All done, Your system is connected to the remote OpenVPN network. Now, you don’t required public IP of the remote network machines, You can now access remote network systems with there LAN ip directly.