Pritunl is an open source management interface for OpenVPN. It allows for private networks, has native IPv6 support, and is relatively simple to use.
That said, it also receives regular updates, and allows for full customization. In addition to the features above, custom routes are supported, and key size can be selected for increased performance.
In order to install Pritunl, you'll need:
A CentOS 7 system (both 32 and 64 bit systems are supported).
Root access (determine whether you are root by executing the following command:
A minimum of 512 MB of RAM, or the lowest plan.
vim (text editor).
In order to install Pritunl, we'll need to add the necessary repositories to
yum. Yum is essentially the package manager for CentOS and RHEL systems. It is similar to
apt-get, so don't worry if this is your first time.
We'll be using
nano for this tutorial, but you may use
vim, if you prefer.
The first thing we'll be doing is adding the MongoDB repository:
Once you've entered the file, it should be blank. Paste the following in:
[mongodb-org-3.4] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/7/mongodb-org/3.4/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-3.4.asc
Exit and save by pressing
O simultaneously. Once you do, simply press the "enter" key.
Now that we've added the repository for
MongoDB (database software for Pritunl), we need to add the Pritunl repository.
When the file loads in your text editor, paste the following:
[pritunl] name=Pritunl Repository baseurl=https://repo.pritunl.com/stable/yum/centos/7/ gpgcheck=1 enabled=1
Exit and save.
Continuing on, we need to install
yum -y install epel-release
We now have all of the dependencies required. We'll need to disable SELinux before continuing:
It should say the following once opened:
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing . # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
SELINUX=enforcing line to
Reboot your server, and log back in.
We've added all of the necessary packages and changed the necessary settings to install Pritunl.
Before we install, we need to add some keys (necessary for the repositories to function):
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > temp.tmp; sudo rpm --import temp.tmp
We can now delete the temporary key:
rm -f temp.tmp
Now, we'll run
yum to install Pritunl:
yum -y install pritunl mongodb-org
yum finishes, we'll make it so Pritunl and MongoDB run on startup:
systemctl start mongod pritunl systemctl enable mongod pritunl
Pritunl is now installed.
After installing Pritunl, run the following:
Make note of the key that comes from running the command above.
Now, visit your server:
You should see the following:
Paste the key that you were given from
Once you hit the "Save" button, you will be prompted to set credentials. You will then be redirected to the login page:
Sign in with your credentials. Proceed to the next section on adding users, and creating your first VPN server.
If you wish to allow other users (whether it be a friend, or colleague), click the "Users" link on the navigation bar:
You should have created an organization already, and creating a user is simple. Click "Add User", and you will be prompted with the following:
As mentioned previously, Pritunl simply manages OpenVPN.
Head to the "Servers" tab in the navigation bar and click "Add Server." You will be prompted with the following:
Fill in the fields with the appropriate information. You may choose the protocol (UDP is better for speed, and shorter distances), local IP range, and other options available through the "Advanced" tab.
Once you hit "Add," the dialog will close. After it does, click "Attach Organization".
Select the organization we created in the previous section, and the VPN server created in this section.
As Pritunl uses OpenVPN, connecting should be a breeze. You can choose to install the Pritunl client, or the standalone OpenVPN client.
Note: Installing a client is necessary in order to connect.
Before installing the client, proceed back to the "Users" tab in the management interface. You should see icons next to the user you created:
tar.gz file will begin to download. Upon extraction, you'll receive the profile required to connect. Save the file in a safe place.
You can download the Pritunl client from the official site. The client supports all OpenVPN servers.
For enhanced security, enable two-factor authentication with Pritunl! Two factor authentication is available with Pritunl. It adds the functionality to OpenVPN. You can use Authy, or any supported app to generate the code that you can use to connect.
Congratulations! You've installed and configured your own VPN server.
If you need to uninstall, the process is simple. Run:
yum remove -y pritunl mongodb-org