OpenVPN
VPN for Secure Access
This post guides you through setting up an OpenVPN Access Server using Docker Compose to secure access to your network or services. This setup creates a VPN foundation.
Prerequisites
- Docker and Docker Compose installed on your server.
- Basic knowledge of Docker and networking.
Deployment Steps
Create Project Directory
mkdir openvpn && cd openvpn
Save the following as docker-compose.yaml in the project directory:
services:
  openvpn-as:
    image: openvpn/openvpn-as
    container_name: openvpn-as
    devices:
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - MKNOD
      - NET_ADMIN
    ports:
      - "943:943"
      - "443:443"
      - "1194:1194/udp"
    volumes:
      - ./data:/openvpn
    restart: unless-stopped
Launch OpenVPN
docker-compose up -d
Access the Admin UI
- Go to https://<your-server-ip>:943/admin.
- Accept the self-signed certificate warning.
- Log in with:
  - Username: admin
  - Password: Check the auto-generated password via:
    docker logs openvpn-as
    Look for: OpenVPN AS initial admin password is ....
Secure the Admin Account
Change the default password in the Admin UI. Optionally, create a new admin user and disable the default admin.
Set Up VPN Clients
In the Admin UI, configure user permissions and download client profiles.
Use the OpenVPN Connect client or visit https://<your-server-ip>:943 to get client software.
Security Tips
- Certificates: Use a trusted certificate (e.g., Let’s Encrypt) instead of the default self-signed one.
- 2FA: Enable two-factor authentication in the Admin UI.
- Firewall: Limit access to OpenVPN ports (943, 443, 1194/udp).
- Updates: Keep the image updated:
docker-compose pull && docker-compose up -d
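One way to apply the Firewall tip on a Docker host, as an added example that is not part of the original post: it limits the Admin UI port (943) to a management range using the DOCKER-USER chain. The range 203.0.113.0/24 is a constructed placeholder, and MGMT_CIDR, RESTRICTED, rule_args and apply_rules are names made up for this sketch.

```shell
#!/bin/sh
# Added example, not from the original post. Docker DNATs published ports and
# forwards them, so INPUT-chain rules (where ufw allow/deny rules land) do not
# filter them. Operator rules go in DOCKER-USER, which Docker evaluates first.
# Assumes Docker's default iptables backend.

MGMT_CIDR="${MGMT_CIDR:-203.0.113.0/24}"  # constructed placeholder range
RESTRICTED="${RESTRICTED:-tcp/943}"       # space-separated proto/port list

# Print the iptables arguments for one proto/port spec, or fail on bad input.
rule_args() {
    local proto="${1%%/*}" port="${1##*/}" cidr="$2"
    case "$proto" in tcp|udp) ;; *) return 1 ;; esac
    case "$port" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    # Coarse allow-list of characters: the result is word-split below, so
    # nothing but an address may get through. iptables checks the rest.
    case "$cidr" in ''|*[!0-9./]*) return 1 ;; esac
    # Match the pre-DNAT port and the connection's original source, so replies
    # from the container are judged by who opened the connection.
    echo "-p $proto -m conntrack --ctorigdstport $port ! --ctorigsrc $cidr -j DROP"
}

# Insert each rule once; the -C check makes re-runs idempotent.
apply_rules() {
    local spec args
    for spec in $RESTRICTED; do
        args="$(rule_args "$spec" "$MGMT_CIDR")" || { echo "bad spec: $spec" >&2; return 1; }
        # shellcheck disable=SC2086  # word splitting of $args is intended
        iptables -C DOCKER-USER $args 2>/dev/null || iptables -I DOCKER-USER $args
    done
}

# Run as root with the argument "apply"; without it nothing is changed.
if [ "${1:-}" = "apply" ]; then apply_rules; fi
```

443/tcp and 1194/udp are left open here for VPN clients; add them to RESTRICTED only if every client connects from the allowed range. Rules inserted this way do not survive a reboot unless they are saved by the host's own persistence mechanism.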
Troubleshooting
Admin UI Inaccessible
- Verify container status: docker ps
- Check port conflicts: netstat -tuln | grep 943
- Ensure firewall allows 943, 443, 1194/udp.
VPN Connection Fails
- Confirm /dev/net/tun exists.
- Inspect logs: docker logs openvpn-as
Conclusion
You’ve set up OpenVPN Access Server with Docker Compose, creating a secure VPN for your network. When securing services, this setup ensures protected access.
Stay secure!
This post is licensed under CC BY 4.0 by the author.