Introduction

Vultr's One-Click OpenVPN application is a ready-to-run Virtual Private Network server, running on Ubuntu Linux. Select a location, choose the instance size, and click Deploy Now. Your VPN server is ready to use in about a minute.

To configure the server, locate two sets of user credentials on the Server Information screen. The root login (1), is used for console access. The openvpn login (2) is used for web administration.

Initial Setup

Substitute your server's IP address for the example 192.0.2.123 used in this guide.

Navigate to https://192.0.2.123/admin and proceed past the browser certificate warning. Click Agree to accept the license agreement and proceed to the main dashboard. When first installed, the server allows 2 VPN connections. If you have an OpenVPN activation Key, enter it here to unlock additional features.

Connect To the VPN

Follow the steps below to connect to your VPN using the OpenVPN Connect Client. The official OpenVPN website also has useful guides:

Windows Client

Navigate to https://192.0.2.123/ as the client that you want to connect to your VPN with. The default is the openvpn user (2) found on the Server Information page. Download the .msi installer. Proceed through the installation wizard. Locate the "OpenVPN Client" shortcut on your start menu and launch the application. An OpenVPN icon will appear by the system clock. Click the icon, then click "Connect 192.0.2.123" from the popup menu. Follow the login prompts. Once completed, you will be on the VPN hosted by your server.

Mac OS X Client

Navigate to https://192.0.2.123/ as the client that you want to connect to your VPN with. The default is the openvpn user (2) found on the Server Information page. Download the .dmg installer. Right-click on the downloaded .dmg installer and click "Open". Allow the installation from an unidentified developer. Proceed through the installation wizard. Navigate to /Applications/OpenVPN. Launch "OpenVPN Connect.app". An OpenVPN icon will appear by the system clock. Click the icon, then click "Connect 192.0.2.123" from the popup menu. Follow the login prompts. Once completed, you will be on the VPN hosted by your server.

Troubleshooting

If you do not see your server's IP in the list, revisit https://192.0.2.123/ and follow the steps to connect. Your web browser may block content on that page that prevents your tray icon from updating - in this case, you will need to allow content on that page to run.

Using Your VPN

Here are some important notes to keep in mind while using your OpenVPN app on Vultr.

Control panel

Each OpenVPN app includes the Access Server control panel at: https://192.0.2.123/

Adding users

OpenVPN uses system user accounts for authentication. To add more users, log in as the root user (1) and add a user with adduser.

# adduser example_user

OpenVPN allows you to log in with the same account from multiple locations. The default openvpn user may be sufficient. Customize additional user permissions in the control panel: https://192.0.2.123/admin/user_permissions

Concurrent users

When first installed, the server allows two concurrent VPN connections. If you need additional connections, you may purchase a license from OpenVPN. See the license section of the control panel: https://192.0.2.123/admin/license

Network ranges and client separation

The VPN default network address range is 172.27.224.0—172.27.239.255. OpenVPN assigns your computer an address in this range when connected.

By default, OpenVPN does not allow clients to communicate with each other. If you want clients to communicate, change the "VPN Settings" section of the control panel.

Visit the VPN settings page: https://192.0.2.123/admin/vpn_settings In the routing section, choose "Yes, using routing (advanced)" under "Should VPN clients have access to private subnets (non-public networks on the server side)?". In the "Specify the private subnets..." box, enter 172.27.224.0/20. Click "Save Settings". Then click "Update Running Server".

IPv6

IPv6 is not supported. No IPv6 traffic is routed through the OpenVPN app.

DNS

OpenVPN controls the DNS settings of each connected client computer. By default, the DNS servers of your OpenVPN server are used. You can change this behavior in the control panel: https://192.0.2.123/admin/vpn_settings

Routing

When connected to OpenVPN, all IPv4 internet traffic passes through it. Your internet download/upload speeds will be slower than normal.

Cockpit

You can use Cockpit control panel to manage your instance and software. The login and URL are located on the Server Information page of the Customer Portal.

Disable Cockpit

To disable the control panel:

# systemctl disable --now cockpit.socket

About One-Click Apps

One-Click apps are updated regularly without notice. When launching a One-Click app, you'll receive our latest version. We do not update deployed instances, and you are responsible for keeping the instance up-do-date. If you design an infrastructure based on One-Click apps and need to ensure the same app version in the future, take a snapshot of the initial deployment and create new instances from the snapshot.