If you are looking for a VPN server to host internally, look no further than the AlmaLinux / Pritunl combination. See how easy it is to get this service up and running.
Pritunl is an open source VPN server that you can easily install on your Linux servers to virtualize your private networks. This particular VPN solution offers a well-designed web user interface for easy administration and management. All traffic between clients and the server is encrypted and the service uses MongoDB, which means it includes replication support.
I have already covered the installation of Pritunl on Ubuntu Server 20.04, and now I want to do the same with AlmaLinux 8.5. You should be able to set up this VPN solution in a few minutes.
What you will need
To properly install Pritunl on AlmaLinux you will need a running, updated instance of the operating system and a user with sudo privileges. You'll also need a domain name that points to the hosting server (so users can access the VPN from outside your network).
How to configure the firewall
The first thing we are going to do is configure the AlmaLinux firewall. Let’s start by allowing HTTP and HTTPS traffic with the commands:
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
Then we will reload the firewall with:
sudo firewall-cmd --reload
How to install MongoDB
Next, we will install the MongoDB database. Create a new repository file with:
sudo nano /etc/yum.repos.d/mongodb-org-4.4.repo
Paste the following into the new file:
[mongodb-org-4.4]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc
Note: There is a newer version of MongoDB (version 5), but I have not yet managed to install it on AlmaLinux. For this reason, I am going with version 4.4.
Save and close the file.
Install MongoDB with:
sudo dnf install mongodb-org -y
Start and enable MongoDB with:
sudo systemctl enable --now mongod
How to install the Pritunl server
Next, we will install Pritunl. Create the repository file with:
sudo nano /etc/yum.repos.d/pritunl.repo
In that file, paste the following:
[pritunl]
name=Pritunl Repository
baseurl=https://repo.pritunl.com/stable/yum/centos/8/
gpgcheck=1
enabled=1
Save and close the file.
Install the EPEL repository with:
sudo dnf install epel-release -y
Import the Pritunl GPG keys with:
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A
gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > key.tmp; sudo rpm --import key.tmp; rm -f key.tmp
Install Pritunl with the command:
sudo dnf install pritunl -y
Once the installation is complete, start and enable the service with:
sudo systemctl enable pritunl --now
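Both repository files above set gpgcheck=1, but only the MongoDB one carries a gpgkey= line, which is why the Pritunl signing key has to be imported by hand with gpg and rpm --import. The shell function below is an added example (not part of the original article or of either project) that audits a .repo file for those settings; audit_repo, write_sample and the weak-example entry on repo.example.invalid are names made up for the illustration.

```shell
# Added example, not from the article. Prints one line per [section]:
#   "<id> OK" | "<id> OK_NO_GPGKEY" (key must come from rpm --import) |
#   "<id> WEAK:<why>" (gpgcheck not 1 and/or baseurl not HTTPS)
audit_repo() {
    awk '
    function report(   why) {
        if (id == "") return
        if (gpgcheck != "1") why = why "gpgcheck-off,"
        if (baseurl !~ /^https:\/\//) why = why "baseurl-not-https,"
        sub(/,$/, "", why)
        if (why != "") print id, "WEAK:" why
        else if (gpgkey == "") print id, "OK_NO_GPGKEY"
        else print id, "OK"
    }
    /^[ \t]*[#;]/ { next }                   # comment line
    /^[ \t]*\[.*\][ \t]*$/ {                 # [section] header
        report()
        id = $0; gsub(/^[ \t]*\[|\][ \t]*$/, "", id)
        gpgcheck = baseurl = gpgkey = ""
        next
    }
    /=/ {                                    # key=value line
        key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
        if (key == "gpgcheck") gpgcheck = val
        if (key == "baseurl") baseurl = val
        if (key == "gpgkey") gpgkey = val
    }
    END { report() }
    ' "$1"
}

# Constructed sample: this article's two repos plus one weak, hypothetical entry.
write_sample() {
    cat > "$1" <<'EOF'
[mongodb-org-4.4]
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/
gpgcheck=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc
[pritunl]
baseurl=https://repo.pritunl.com/stable/yum/centos/8/
gpgcheck=1
[weak-example]
baseurl=http://repo.example.invalid/el8/
gpgcheck=0
EOF
}

sample=$(mktemp) && write_sample "$sample" && audit_repo "$sample"; rm -f "$sample"
```

On a real host, point it at the files created above, for example audit_repo /etc/yum.repos.d/pritunl.repo.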
How to increase the limit of open files
To avoid connection problems when the Pritunl server is under a higher load, we need to increase the limit of open files. To do this, run the following commands:
sudo sh -c 'echo "* hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "* soft nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root hard nofile 64000" >> /etc/security/limits.conf'
sudo sh -c 'echo "root soft nofile 64000" >> /etc/security/limits.conf'
How to access the Pritunl web user interface
Give the service a moment to start, then point a web browser to https://SERVER (where SERVER is either the IP address or the domain of the hosting server). You should be greeted by the Pritunl database configuration window (Figure A).
Figure A
The Pritunl database configuration window is ready to continue.
To continue, you need to generate an installation key with the command (run on the hosting server):
sudo pritunl setup-key
This will generate a random string of characters that you will copy and paste into the Configuration key text box of the Pritunl database configuration window. After pasting the key, click Save and wait for the database to be upgraded. You will then be presented with the Pritunl login window. Before connecting, you must retrieve the default connection credentials with the command:
sudo pritunl default-password
The above command will print both the username and password that you will use to log into the Pritunl web user interface. Make sure to save these credentials. Once you have successfully logged in, you will be prompted to change the administrator user password and complete the initial setup (Figure B).
Figure B
Complete the initial setup of Pritunl
And there you go. You now have the Pritunl VPN server operational on AlmaLinux 8.5. At this point, you can configure the server to meet the needs of your business and your users.