So by now our home server is sharing files to our home network, acting as a media server via Plex, it’s managing all our downloads AND we’re sharing our personal doucments on our own personal cloud. What else is there?
Well, we’re about to set our server up to act as a VPN node, so that we can access it and other resources on our home network while away from the house.
You might be wondering why you would do this. After all, VPN’s thesedays are more commonly associated with accessing content that’s blocked in our home country by bypassing geo-restrictions.
But, there are plenty of valid reasons to access devices at home via a VPN. Want to access that important file from your mapped network drive? VPN. Want to print that document to your networked home printer. VPN. Want to stream content from your Plex library without making it accessible from outside your network? You guessed it; VPN.
So read on to find out how to accomplish this on your Ubuntu server!
Install OpenVPN
OpenVPN, as the name implies, is an open source VPN protocol which provides secure connectivity between client and server. As it’s open source it’s free to use, so an excellent choice for us.
It’s also widely adopted with clients available for Windows, Mac, Linux, Android and iOS, so should cover most bases.
As with any Linux project, the first thing to do is a system update via the Terminal:
sudo apt-get update sudo apt-get upgrade
This will ensure that the latest updates are installed on your system
The next step is to download and then install the OpenVPN server application:
wget https://git.io/vpn -O openvpn-install.sh
Next, make the file executable by giving it the appropriate permissions:
chmod +x openvpn-install.sh
Then run the shell script to install the application:
sudo ./openvpn-install.sh
After entering your password you’ll be presented with the following:
You’ll need to enter your public IP address (if you’re lucky enough to have a static one) or your ddns address. If you’re not aware of ddns, I recommend you read this guide.
My preferred DDNS provider it NOIP, I recommend you try them out.
You’ll then be asked which type of protocol to use:
I will always recommend using UDP, unless you have a compelling reason not to. UDP stands for User Datagram Protocol, and unlinke TCP it doesn’t require an acknowledgement to be sent each time a packet is received, making it quicker in most scenarios.
Accept the default port choice of 1194.
You’ll be asked to pick your DNS resolver:
Option 1 will use your default system settings, which should be fine in most use cases.
You’ll lastly be asked to create a name for the client certificate. This is entirely a personal choice, but you may want to make it something memorable and relatable such as “Matts_iPhone”.
Once you’ve chosen a name you’ll just need to press any key to proceed with the setup.
Files will be downloaded and installed, and you’ll be informed that your client certificate file has been stored in your users home folder.
You’ll need to copy this file to your client device in preperation for the next part. I recommend copying the file to a location on your network shares, which will make it easier to pick up from a client device.
If you’ve followed the proceeding parts of this guide then you can do this via the following command:
sudo cp /home/<user>/<filename>.ovpn /mnt/md0/root/documents
Once you’ve copied the .ovpn file you’re ready to make use of your VPN, but you’ll first need to open a port on your router and install the client software on your device:
Opening router ports
You’ll need to forward port 1194 for UDP traffic to your home server’s IP address.
The process for this differs from router to router, so the best advice I can give you is to Google “port forwarding” and the model number of your router. You should be able to find a usable guide that shows you how to do this.
The principal for this is that any incoming traffic on port 1194 will be automatically directed to your home server. Without doing this your router wouldn’t know where to send the request, so it’s a very important step.
Installing the OpenVPN client
Client applications are available for pretty much every device, and each is pretty straightforward.
I’ll use the Android App as an example here.
Open the Google Play store and type OpenVPN into the search bar.
Download the OpenVPN Connect app by OpenVPN:
Open the app and you’ll be asked to provide a certificate file.
Locate the certificate file you’ve created and select it. You’ll have the option to start the connection automatically after adding the profile.
Once connected the VPN app will show you the status of the connection and a readout of data transferred:
And there you have it! You can now connect to your home server from anywhere in the world via OpenVPN, allowing you to access any resources stored on your home network from anywhere!