Part 2 – Configure the Pritunl VPN Server
“Update 09/01/2018 – Chrome and Firefox have made some really big changes in regard to the types of SSL certs they will accept. So, if you’re having problems with this next section ‘Part 2’, you may need to install a separate, free SSL cert from Let’s Encrypt, enable SSL with a free Cloudflare account or both.)” Also, the instructions in the post are intended for use with Ubuntu 16.04 ONLY! The following steps MAY or MAY NOT work with other Ubuntu versions.
Step 1 – Open Putty or another terminal application and log in to your server (click here for instructions on how to set up Putty for use with a Digital Ocean droplet.) After you log in to your new droplet, enter the following commands one at a time. Be sure to press “Enter” after each (Tip: to paste in Putty, just right click at the command prompt.)
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.2 multiverse" > /etc/apt/sources.list.d/mongodb-org-3.2.list
echo "deb http://repo.pritunl.com/stable/apt trusty main" > /etc/apt/sources.list.d/pritunl.list
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv EA312927
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv CF8E292A
apt-get --assume-yes update
apt-get --assume-yes upgrade
apt-get --assume-yes install pritunl mongodb-org
service pritunl start
Step 2- Open your web browser and enter the IP address of your new Digital Ocean server in the address bar. At the end of the IP address, add “:443” (include the colon.) After you finish, the IP address should look like this “111.222.333.44:443” (without the quotes.) Of course, your IP address will be different. Press “Enter” and you should see the Pritunl initial configuration page in your browser window:
Step 3 – Return to your Digital Ocean account, and then click “Droplets” on the top menu. Click the name of your D.O. server in the Droplets list. When the new page appears, click the “Console” link. A new terminal window will open.
Step 4 – Enter your server Root User password if prompted (you should have received this in an email after you created the new droplet.) If you created and entered SSH keys during setup, then no password is needed.
Step 5 – At the prompt, type the following commands and press “Enter” after each:
sudo sh -c 'echo "* hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "* soft nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root soft nofile 64000" >> /etc/security/limits.conf'
Step 6 – Type the following command and press “Enter”:
After you enter the command, the system will display a key value similar to the following:
Step 7 – Leave the console window open and visible, and then return to the browser window displaying the Pritunl server page.
Step 8 – Type (or copy/paste) the key value from the console window in the “Enter Setup Key” field on the Pritunl server configuration page. Click the “Save” button.
Step 9 – Enter “pritunl” in both the user and password fields when prompted, and then click “Sign in.”
Step 10 – Enter a new username and password in the Initial Setup window. If you want to use a domain name with the new server, enter it in the LetsEncrypt Domain field. Click the “Save” button.
Your Pritunl installation is now configured. Next, we need to set up the actual VPN service and connections.
Time to wrap it up! Go to the next page to learn how to configure the service and the VPN client connections.