Ubuntu server 14.04 + OpenVPN + Android client

We are going to install Openvpn on Ubuntu server 14.04 and then use Android to connect to it (so you can bypass Chinese firewall for example ūüėČ

Install OpenVPN

We need to allow IPv4 forwarding so the server can send out packets on the VPN‚Äôs behalf. let’s¬† nano /etc/sysctl.conf¬†and uncomment this line:

Then  sudo sysctl -p to reload the modified conf. Then  nano /etc/default/ufw and edit this line:

finally  nano /etc/ufw/before.rules and edit like this:

Open the openvpn port with  ufw allow 1194/udp and restart ufw  service ufw restart .

Create Server Keys

We will use Easy-RSA to generate the server side keys.

Now copy the server keys to the root of the openvpn directory:

Create Client Certificates

Those commands will create new files int the easy-rsa/keys directory called client-name.crt and client-name.key.

/etc/openvpn/ca.crt
/etc/openvpn/easy-rsa/keys/client-name.crt
/etc/openvpn/easy-rsa/keys/client-name.key

These 3 files need to be copied to the client, so the client software can use them to make the connection with the server.  You can use filezilla to download them on the client for example.

Tweak OpenVPN config

Server side

Copy/extract the default Openvpn conf file:

nano /etc/openvpn/server.conf  and make the following changes:

Change this so all your client traffic passes through the VPN.

Push specific DNS address to your clients.

Change the following to increase security so the VPN service has restricted access

Specify where to output the log of openvpn

finally:

Android side

Now on your android device, download the official OpenVPN client from F-Droid market (https://f-droid.org/wiki/page/de.blinkt.openvpn), add a profile, and edit the server address in the config (your server IP or FQDN). Give the android the path to the 3 files you previously downloaded. And start the connection!

home openvpn-main-page settings

That’s it, you can enjoy Youtube & co in China.