You might have used publicly available VPN solutions, including many apps freely available on android and PC. Using free VPN has some disadvantages, first of all you do not get high speed connectivity. They are often unreliable when you need them the most. But most importantly we care about our privacy and anonymity. We want a secure, reliable VPN that will not use the data for any marketing purpose. To avoid that, there are several other options you can consider, one of them is to make your own VPN server. It is very easy to do and you do not need to worry about any coding.
What do you need
You need a Virtual private server. They are cheap so don’t worry. You can buy the virtual server on Vultr or any other cloud service provider. You can also find much cheaper servers online but these are my recommendations and I have used them personally. If you are not sure how to make a server please head over to this post. You don’t need to worry about the linux version for your server just choose any popular one Ubuntu 24.04 or higher for your server will be fine.
Setup OpenVPN server
OpenVPN is a free open-source software for making a VPN. It has a wide range of functionalities. By now I hope you have a server. Now you need to access your server through SSH. It basically allows you to connect your server remotely. If you are on windows 10 or higher you can open Powershell command line tool then you can connect to the server as following:
ssh root@your-server-ipIf you run this for the first time you will get an output similar to:
The authenticity of host '192.168.10.2 (192.168.10.2)' can't be established.
ED25519 key fingerprint is SHA256:oK5s+Some+Random+Numbers.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yesIf you cannot connect to server from your system then Download PuTTy, Install it and SSH into your server by giving your server details. It will ask for user(root) and password.
Now we need to input the following commands. You can copy the commands and paste them into PuTTy by Right Click.
curl -O https://raw.githubusercontent.com/Angristan/openvpn-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
./openvpn-install.shThe script will ask couple of questions. First is about IP address press Enter for default.
Do you want to enable IPv6 support (NAT)?
Replace ‘Y’ with ‘N’ and press enter.
What port do you want openVPN to listen to?
For Port Settings, there are few things to consider. If you want fast connection that is more real time whatsapp call etc then default settings are fine for you, Just press Enter. But If you are in country where the censorship is very hostile and they block openVPN traffic. Then you need to change your port to 443. Select ‘Custom option’ and replace 1194 to 443.
What protocol do you want openVPN to use?
If you change the port to 443 then you need to choose TCP. Otherwise UDP it is.
What DNS resolvers do you want to use with the VPN?
You can choose any of the public DNS options(3-11). Or Better just press Enter for default.
Do you want to use compression? It is not recommended since the VORACLE attack make use of it.
Press Enter
Do you want to customize encryption settings?
Press Enter
That’s it. Now press enter so that the script can finish installation by downloading the necessary packages.
Meanwhile the installation is going on go ahead and download filezilla. We will need it to access our server to download the client configuration files. We also need a OpenVPN windows client. You can download OpenVPN connect apps on IOS and android later if you plan to use it on your mobile device.
By now your server would have finished installation and will ask you some final questions.
Tell me a name for the client
Enter any name. For Example Client1
Do you want to protect the configuration file with a password?
Press Enter as default, we do not want password for this instance.
The installation process has completed and would now have created a client1.ovpn file in the directory of the script. We just need to download that file so that we can connect to our openVPN server. We can re-run the same script to get more client configurations in order for us to use it across multiple devices or multiple users simultaneously by the following command.
Download the OpenVPN Client Configuration
The Easy Way that looks hard
Open “Terminal” in windows, Run this command to get the client configuration to your C:/users/your_user/
Needless to say, you need to add your server ip in below command. After that it will ask for server root password. Then Ta-da!, find your file in your directory.
scp root@your-server-ip:~/client.ovpn ./The Hard way that looks easy
Download a FTP client called FileZilla. then you can add your server details like this and connect.
Then a directory will be shown, you can download your files from there.
Download the client file(s).
Install the OpenVPN windows client. And copy the client files in its directory \OpenVPN\config\ in your computer.
Run OpenVPN in your computer. It will launch in system tray. Right click and check your new client1 will be shown there. Just go and connect. 🙂
There is another way to bypass censorship that method is more fast and blend more easily than openVPN. Its called shadowsocks. It is a http proxy, whereas openVPN is a complete VPN solution.
Allowing Multiple Devices to Connect with the Same OpenVPN Client [Optional]
By default, OpenVPN allows only one connection per certificate. This means if you use the same .ovpn file on multiple devices, only one can stay connected at a time—the others get disconnected. Annoying, right?
If you want multiple devices to connect using the same client configuration, you need to enable duplicate-cn on the server.
Steps to Enable duplicate-cn in OpenVPN:
- Open the OpenVPN server configuration file:
nano /etc/openvpn/server.conf
- Add this line at the end of the file:
duplicate-cn
- Save and exit (
CTRL+X, thenYandEnter). - Restart OpenVPN for the changes to take effect:
systemctl restart openvpn@server
- Verify that OpenVPN is running properly:
systemctl status openvpn@server
Now, multiple devices can connect using the same .ovpn file without getting disconnected.
Note: Using
duplicate-cnis not recommended in high-security setups since it allows multiple devices to share the same certificate. But hey, this isn’t the military, and let’s be honest—most people’s biggest security risk is using “password123” anyway.