How To Setup Pritunl OpenVPN On Debian 8

pritunl-logo

What Is Pritunl?

Pritunl is an enterprise distributed OpenVPN server. It is excellent for simple VPN setups and further up to much more complicated setups. It could be compared to OpenVPN’s own access server. It works so well that we use it ourselves here at Impact VPS.

How Much Does It Cost?

Pritunl comes with a few different options. The basic software itself is free, though if you want some more of its advanced features you have to pay. One big plus for Pritunl is that the software is open source on github. For most people, the free plan is more than enough.

Pritunl-plans

Installing Pritunl

Adding Software Repos

Before we can start installing the software, we need to add the repos so Debian can find it.

Create a file for the mongodb repo:

nano /etc/apt/sources.list.d/mongodb-org-3.0.list

And then paste in the following text:

deb http://repo.mongodb.org/apt/debian wheezy/mongodb-org/3.0 main

Once you do that close and save the file with: ctrl + o and then ctrl + x.

Next we need to add one more repo for Pritunl itself:

nano /etc/apt/sources.list.d/pritunl.list

And paste in:

deb http://repo.pritunl.com/stable/apt jessie main

Close and save the file once again.

Adding Trusted Keys

Now we need to add the keys to our system for those repos. Run the commands:

apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7F0CEB10
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv CF8E292A

Installing The Software

Once all of that has been done we can finally begin to install the software. Run the commands:

apt-get update
apt-get install pritunl mongodb-org

Then start it up.

systemctl start mongod pritunl
systemctl enable mongod pritunl

Configuring Pritunl

Initial Setup

Increase Open Files Limit

Sometimes when servers have high loads they can run into connection issues with Pritunl. Running these commands will increase the number of allowed open files to hopefully prevent such issues.

sudo sh -c 'echo "* hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "* soft nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root soft nofile 64000" >> /etc/security/limits.conf'

Database Setup

Next we need to setup Pritunl to use the mongodb  that we setup earlier. Go to the url: https://<yourserverip>. You will see a page that looks similar to:

 

database_setup

It will ask for both the mongodb uri and the setup key. To get the setup key, run the command:

pritunl setup-key

on the command line and paste it into the textbox. The Monogodb uri should automatically be filled out for a local mongo instance.

Basic Setttings

Once you click save to save the database information you will be presented with a login screen. The default username and password are both: pritunl .

pritunl-login

Once you successfully login you will be presented with an initial setup page to change a few settings. The only main setting you should have to change is the username and password. Please change this to something secure. If you are using a domain or subdomain for this VPN server you can also set what the domain is that is being used for the setup so the system can automatically configure a Let’s Encrypt SSL certificate.

pritunl-inital-setup

Getting Connected

Setup Users

Before you can connect to your new VPN server you first need to add an organization, users and a server. To add an organization click on the “Add organization” on the organizations page in the web console.

Pritunl-add-org-button

And then give the organization a name

add-organization

Then once you add that you need to add a user that you will be connecting as. Click on the “Add User” button.

Pritunl-add-user-button

Then give the user a name and select the organization they are supposed to be a part of. Email and pin are both optional.

add-user

Create A Server

Once you have the users setup, you need to create a server to connect to. Go to the Servers tab and click on the “add server” button.

add-server-button-printul

Once the popup comes up give the server a name and click on the advanced section in the top right. Then check the “allow multiple devices” box to allow you to connect from multiple devices for the same user at the same time. Once done click add.

add-server-printul

Once you have created the server you need to attach the organization you created earlier to the server you just made.

attach-org-button-Pritunl

Once you click the “attach organization” button a popup will come up for you to select the organization you created earlier and the server you just made.

attach-org-popup

 

Once you do that click on the “start server” button to start the server to be available for user connections.

Configuring Client

Picking A Client

Now that you have configured the server and setup your users, you need to setup your client to use the VPN server. Pritunl supports any VPN client that supports OpenVPN.

If you just want a basic client to connect to your server and do not have one already, Pritunl provides a free on that can be used on Linux, Mac OS X and Windows. It can be found here: http://client.pritunl.com/.

My personal recommendation for the client that I use is Viscosity. It is not free, but is $9 and supports both Mac OS X and Windows.

Downloading User Profile

Once you have picked your client you need to download your connection profile for your user. Find your user in the users list and click on the get temporary download links button. It is right to the left of the “download profile” button.

download-profile

Once you click the button you will be given a popup with a bunch of different links. The only difference between the links is the format of the file and if the link is temporary (good for giving out profile access to someone securely).

profile-links

It is also possible to import the profile directly into the Pritunl provided client using one of the URLs.

Importing Profile Into Client

Now that you have downloaded your user profile, you need to important that profile into your client. Because there are so many clients, it is impossible to show how to do it on all of them. For the purposes of this guide, I will show you have to do it on the Pritunl provided client.

Launch up the client and select the “import profile URI” button. Then take the temporary link that is labeled as being for the Pritunl client and paste the url in the box that shows up. Click import and your client is now setup.

import-profile

To connect to the VPN you setup just click on the 3 white bars to the right of the VPN listing and click on the connect button.

connect-vpn

You now have your own private VPN setup on Debian 8. If you go to google and lookup what your ip is, it should now show that your computer’s IP is the same as your servers.

 

 

CC BY 4.0 This work is licensed under a Creative Commons Attribution 4.0 International License.

Alex Wacker has written 16 articles

I am the founder and owner of Subnet Labs LLC. Impact VPS is one of our VPS brands. Linux, virtualizaton and the internet amaze me and I enjoy learning new things every day about them.

2 thoughts on “How To Setup Pritunl OpenVPN On Debian 8

  1. PakTam says:

    i got this problem where after im update to new version of Pritunl 1.24 and when i try to login “This site can’t be reached”
    but all my vpn still working perfectly. it just i cant login and create new user.

    and
    i also try to create Pritunl in new server.
    same problem happen.

    do you have any idea to fix this.
    thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>