How to install the Pritunl VPN server on AlmaLinux

If you are looking for a VPN server to host internally, look no further than the AlmaLinux / Pritunl combination. See how easy it is to get this service up and running.

Getty Images / iStockphoto

Pritunl is an open source VPN server that you can easily install on your Linux servers to virtualize your private networks. This particular VPN solution offers a well-designed web user interface for easy administration and management. All traffic between clients and the server is encrypted and the service uses MongoDB, which means it includes replication support.

I have explained to you the installation process of Pritunl on Ubuntu Server 20.04 and now I want to do the same with AlmaLinux 8.5. You should be able to set up this VPN solution in a few minutes.

SEE: Password Breach: Why Pop Culture and Passwords Don’t Mix (Free PDF) (TechRepublic)

What you will need

To properly install Pritunl on AlmaLinux you will need a running / updating operating system instance and a user with sudo privileges. You’ll also need a domain name that points to the hosting server (so users can access the VPN from outside your network).

How to configure the firewall

The first thing we are going to do is configure the AlmaLinux firewall. Let’s start by allowing HTTP and HTTPS traffic with the commands:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https

Then we will reload the firewall with:

sudo firewall-cmd --reload

How to install MongoDB

Next, we will install the MongoDB database. Create a new repository file with:

sudo nano /etc/yum.repos.d/mongodb-org-4.4.repo

Paste the following into the new file:

[mongodb-org-4.4]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc

Note: There is a newer version of MongoDB (version 5), but I have not yet managed to install it on AlmaLinux. For this reason, I am going with version 4.4.

Save and close the file.

Install MongoDB with:

sudo dnf install mongodb-org -y

Start and activate MongoDB with:

sudo systemctl enable --now mongod

SEE: VPN and Mobile VPN: How to Choose the Best Security Solution for Your Business (TechRepublic Premium)

How to install the Pritunl server

Next, we will install Pritunl. Create the repository file with:

sudo nano /etc/yum.repos.d/pritunl.repo

In that file, paste the following:

[pritunl]
name=Pritunl Repository
baseurl=https://repo.pritunl.com/stable/yum/centos/8/
gpgcheck=1
enabled=1

Save and close the file.

Install the EPEL repository with:

sudo dnf install epel-release -y

Import the Pritunl GPG keys with:

gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A
gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > key.tmp; sudo rpm --import key.tmp; rm -f key.tmp

Install Pritunl with the command:

sudo dnf install pritunl -y

Once the installation is complete, start and activate the service with:

sudo systemctl enable pritunl --now

How to increase the limit of open files

To avoid the problems connecting to the Pritunl server when it is under a higher load, we need to increase the limit of open files. To do this, run the following commands:

sudo sh -c 'echo "* hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "* soft nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root soft nofile 64000" >> /etc/security/limits.conf'

How to access the Pritunl web user interface

Give the service a moment to start, then point a web browser to https: // SERVER (where SERVER is either the IP address or the domain of the hosting server). You should be greeted by the Pritunl database configuration window (Figure A).

Figure A

pritunlalmaaa.jpg

The Pritunl database configuration window is ready to continue.

To continue, you need to generate an installation key with the command (run on the hosting server):

sudo pritunl setup-key

This will generate a random string of characters that you will copy and paste into the Configuration key text box of the Pritunl database configuration window. After pasting the key, click Save and wait for the database to be upgraded. You will then be presented with the Pritunl login window. Before connecting, you must retrieve the default connection credentials with the command:

sudo pritunl default-password

The above command will print both the username and password that you will use to log into the Pritunl web user interface. Make sure to save these credentials. Once you have successfully logged in, you will be prompted to change the administrator user password and complete the initial setup (Number B).

Number B

pritunlamlab.jpg

Complete the initial setup of Pritunl

And There you go. You now have the Pritunl VPN server operational on AlmaLinux 8.5. At this point, you can configure the server to meet the needs of your business and your users.

Also look

Subscribe to TechRepublic How to make technology work on YouTube for all the latest technical advice for professionals at Jack Wallen’s business.