How to setup a VPN server on CentOS 7

What is a VPN?

VPN stands for Virtual Private Network.  It allows two separate devices or networks to communicate, privately, across the internet.  It does this by encrypting the connection between them such that it cannot be read if intercepted. They are now commonly used when you want to connect your computer or device to a secure network.  This may be to access non-public resources or if you’re using a public internet connection.  Frequently, internet access in cafés or other public places aren’t secure – connecting to your VPN solves this problem.

How do I use a VPN?

Most devices now have VPN connectivity built in, so you can use them without any additional software.  Mac, Linux and Windows computers can all connect, as can both iOS and Android phones.  Once connected, your internet traffic is routed through the VPN then out to the internet.

Why not just pay for a VPN?

There are many exceptionally good VPN services available, and they offer a good alternative for many people.  However, if you wish to run your own or one for business, the software is all available for free as it is Open Source.

If you need a server to try this out on, we recommend our friends at Linode.

How to install

Make sure your server or VPS is installed up to date.

[user@server] sudo yum -y update

We’re going to use a fantastic script developed by Lin Song to do the bulk of the install for us.  It will install Libreswan as the IPsec server, and xl2tpd as the L2TP provider.

First, we’ll download the setup script from GitHub

[user@server] wget https://git.io/vpnsetup-centos -O vpnsetup.sh

Now run the script as root to install

[user@server] sudo sh vpnsetup.sh

The script will set everything up for you and then output some details at the end.  These will be your:

• Username
• Password
• Pre-shared Key

Be sure to make a note of these as you’ll need them to set up your devices.

Connect to the VPN

A fantastic guide to setting up various devices to connect to your new VPN is available here.