Bobcares
Client Area
Emergency Support
Latest | Server Management | VPN

Quick way to install OpenVPN client in Debian

by | Feb 18, 2019

Can you please help me to setup Debian server as VPN client?  Some of my user data can only be transferred using VPN.

That was a recent support request received in our Managed VPN Services help desk. Customer was looking to install OpenVPN in his Debian server.

Often, wrong OpenVPN client configuration can result in VPN connection errors.

Today, we’ll see how our Dedicated Engineers helped the customer to install OpenVPN client in Debian server.

 

Steps to install OpenVPN client in Debian

In general, to connect to an OpenVPN server, there are 2 options. One is to install a browser extension for VPN or to setup a VPN client. Unlike browser extension, configuring OpenVPN client gives great flexibility. That’s why, many users prefer to setup VPN client on their computers. But, the steps to install the client varies depending on the server type.

Here, we’ll primarily focus on the steps to install OpenVPN client in Debian server.

 

1. Install OpenVPN client package

Firstly, our Support Engineers update the packages on the Debian server. Then, we install the OpenVPN client package using the following commands.

apt-get update
apt-get install openvpn

 

2. Configure the client

As the next step, we configure the OpenVPN client.

OpenVPN server creates certificates for each VPN client machine. These certificates should be available on the client computer at the /etc/openvpn directory. Normally, we use the scp command and copy these files from the OpenVPN server to the Debian machine.

scp root@vpnserver.com:/etc/openvpn/clients/clientname.tar.gz
tar -xzvf clientname.tar.gz

This would fetch all the client certificates from the OpenVPN server.

Going further, our Dedicated Engineers copy the sample OpenVPN configuration file using the command:

cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn

Now, it’s time to make a few edits in the client specific configuration file at /etc/openvpn/client.conf.

Here, we set the address of the OpenVPN server, the port configured on the OpenVPN server and the actual name of the certificate and key file names. Usually, the OpenVPN port will be 1194.

 

3. Restart OpenVPN

Finally, to make the changes effective, we restart OpenVPN on Debian machine with the command

service openvpn restart

 

4. Testing VPN connectivity

Now, its time to test the connection to the VPN server from the Debian machine. To ensure the connection, our Support Engineers first do a ping test to the OpenVPN server. When it connects successfully, we use the following command to connect.

openvpn --config clientname.ovpn

And, when OpenVPN shows the message “Initialization Sequence Completed“, then you are connected.

 

Common errors with Debian OpenVPN client

Till now, we saw how to install OpenVPN client on Debian computer. From our experience in managing Debian servers, we often get requests to solve VPN client related errors. Let’s have a look at the typical problems that we see.

 

1. Firewall restriction

Unfortunately, firewall restriction often cause trouble while connecting to servers via VPN. When the OpenVPN server port is not open on the Debian machine, the connection will time out with an error.

Error: Connection activation failed: the connection attempt timed out.

To fix the error, our Support Engineers open the necessary OpenVPN ports on the server and allow connection. And, after this change, VPN connection works successfully.

 

2. TLS version conflict

Similarly, OpenVPN client may refuse to connect to the server due to incompatibility with Transport Layer Security (TLS) protocol.

A typical error message from OpenVPN session will look like:

Mon Dec 24 08:15:15 2018 TLS_ERROR: BIO read tls_read_plaintext error
Mon Dec 24 08:15:15 2018 TLS Error: TLS object -> incoming plaintext read error
Mon Dec 24 08:15:15 2018 TLS Error: TLS handshake failed

This error happens as OpenVPN server do not support the TLS version used on Debian machine. Therefore, to fix the problem, we recommend customers to upgrade Openvpn to newer version which support TLS 1.2.

[Need help in installing OpenVPN client in Debian? Our VPN experts can setup it for you.]

 

Conclusion

Using OpenVPN is one of the methods to ensure online privacy. But, it requires configuration changes at the client computer. Today, we saw how our Support Engineers install OpenVPN client in Debian machine and fix common errors with it.

Related posts:

  1. PowerShell Script via Task Scheduler- Let’s do it!!
  2. Apache error AH00558 – Let’s fix it!!
  3. Apache ssl_error_rx_record_too_long – How we fix!!
  4. Virsh dominfo – Let’s discuss in detail!!

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. PowerShell Script via Task Scheduler- Let’s do it!!
  2. Apache error AH00558 – Let’s fix it!!
  3. Apache ssl_error_rx_record_too_long – How we fix!!
  4. Virsh dominfo – Let’s discuss in detail!!

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF