Pritunl is an open source VPN server and management panel. It runs the VPN server using the OpenVPN protocol and uses a Let's Encrypt certificate to secure the VPN server and its web user interface. Pritunl stores its data in MongoDB. It is a very useful application because it is built on OpenVPN, the most popular open source VPN protocol.
Setting up an OpenVPN server by hand is complicated and requires expertise to install and configure. Pritunl automates the installation process and also provides a powerful web user interface to manage VPN servers, organisations and users.
In this tutorial we will learn how to install the latest version of Pritunl server on a CentOS 7.x server.
Pritunl does not require any special hardware to run, but performance and speed will vary with your hardware specifications. You will need a VPS running CentOS 7.x with a static IP address, and access to the root user. If you are logged in as a non-root user, run sudo su to switch to the root account. You will also need a domain name that you can point at your server. Without a domain pointing at your server, you will not be able to issue a Let's Encrypt SSL certificate.
It is important that you point your domain name to your server using an A record in your domain control panel. Open the control panel of the provider where you purchased the domain and configure the DNS for the domain to set up an A type record. A typical A record looks like the following.
Type    Host    Points to        TTL
A       @       126.96.36.199    3600
A type records point a domain name to an IPv4 address. Host defines the name being pointed; @ stands for the zone name itself, which is typically the domain name. Points to is the destination, which is the IP address of your VPS. Finally, TTL (Time to Live) tells DNS resolvers when the record expires; 3600 seconds is 1 hour.
Before installing any package, it is a good practice to update your system and repositories using the following command.
yum -y update
Once the system is updated you will need to create repositories to install MongoDB and Pritunl. In this tutorial we will use the nano editor to create the files and add content to them. If you don't have nano installed, you can run yum -y install nano to install it, or you can use any other editor of your choice. Create a new file using the following command.
Now you can access your Pritunl dashboard by going to the following link. Make sure that you use https, because Pritunl is configured to listen on port 443, the HTTPS port, and is accessible over a secured connection only.
You will get a certificate error because Pritunl is installed with a self-signed certificate. You will stop getting this error once the Let's Encrypt SSL certificate is installed on your server.
Proceed past the certificate error and you will see the following web page.
To proceed further you will need to enter the setup key. You can obtain the setup key by running the following command in a terminal.
Copy the key and paste it into the web UI. Do not change anything in the MongoDB URI. Click the Save button to proceed. Once the database has been written, you will get a login prompt to log in to the dashboard.
Before we can start a VPN server, we need to create a VPN organisation. To create an organisation, go to the Users tab in the top menu bar; this will take you to the Users and Organisations interface. Now click the Add Organisation button at the top and enter a name for the organisation. When naming your organisation, avoid blank spaces and special characters, as they will be trimmed from the name.
When naming your VPN server, avoid blank spaces and special characters, as they will be trimmed from the name. In DNS Server, you can use any DNS resolver you like, or you can simply use Google's public DNS resolver, which is 188.8.131.52. Choose the port on which you want to run your VPN server and the protocol to use when connecting. You can also leave the prefilled settings as they are. Next, choose the network on which your private VPN will run. You can leave the setting as it is if you have fewer than 253 users. If you have more than 253 users, you can change the network to 192.168.1.0/22, which will allow up to 1,000 users to connect, or use 172.16.0.0/16, which will allow up to 65,000 users to connect to your network. Click the Add button once done. You will see the details of the server.
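The network sizes mentioned above can be checked before they are entered in the server settings. The following Python sketch is an added example, not part of the original tutorial or of Pritunl: it reports the user capacity of a candidate network, whether the address is aligned to its prefix, and whether it overlaps LAN ranges that clients may already be using (which causes routing conflicts). It assumes one address is taken by the VPN server itself, which reproduces the 253-user figure for a /24; the function name and the client LAN list are constructed for illustration.

```python
import ipaddress

# Constructed sample: LAN ranges that client machines may already be using.
CLIENT_LANS = ["192.168.0.0/24", "192.168.1.0/24", "10.0.0.0/24"]


def vpn_network_report(cidr, client_lans=(), reserved=1):
    """Summarise a candidate VPN network (hypothetical helper).

    reserved: addresses assumed to be taken by the VPN server itself.
    This is an assumption; with reserved=1 a /24 yields 253 users.
    """
    iface = ipaddress.ip_interface(cidr)
    net = iface.network  # the aligned network that contains the given address
    # Subtract the network address, the broadcast address and the server.
    max_users = net.num_addresses - 2 - reserved
    return {
        "given": cidr,
        "network": str(net),
        # False when the given address has host bits set for this prefix.
        "aligned": iface.ip == net.network_address,
        "private": net.is_private,
        "max_users": max_users,
        "overlaps": [lan for lan in client_lans
                     if net.overlaps(ipaddress.ip_network(lan))],
    }


if __name__ == "__main__":
    for candidate in ["192.168.1.0/22", "172.16.0.0/16"]:
        print(vpn_network_report(candidate, CLIENT_LANS))
```

For 192.168.1.0/22 the report shows that the aligned network is 192.168.0.0/22 and that it overlaps two of the sample client LAN ranges, while 172.16.0.0/16 is aligned and overlaps none of them.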
After adding the server, you will need to attach an organisation to it. Click the Attach Organisation button. You will see the name of the server and the name of the organisation. Click the Save button to attach the organisation to the server.
After attaching the organisation to the server, you can start the server by clicking the green Start Server button. This will start your server and you will see the log messages in the Server Output screen.
Enter the name of the user. Make sure that you do not use spaces or special characters, as this will be the username required when connecting to the VPN server. Select the organisation and provide an email address. Enter the PIN; this will be the password required when connecting to the VPN server. Click the Add button and the user will be added to the organisation as well as to the server. You can also add multiple users at a time. Click the Bulk Add Users button at the top and you will see the following prompt.
You can download the profile here by clicking the Download icon next to the user. You will get a compressed archive containing an OpenVPN client config file. Alternatively, click the Link icon next to the user's name to get temporary links to the user profile, which can be sent to the user.
Users can download the OpenVPN settings as either a tar archive or a zip archive. Users can also change their PIN there.
We now have our VPN server up and running and a user created, and we have downloaded the user profile. Now we can connect the user to the VPN server.
Connecting to Pritunl Server on Windows
Pritunl Server is based on the OpenVPN protocol, so clients can connect to it from various platforms: Microsoft Windows, almost all Linux based distributions and Mac OS X, each using either the OpenVPN client or the Pritunl client. You can also connect Android and iPhone devices using an OpenVPN client.
Using OpenVPN Client
Download the OpenVPN client to your computer by going to this link. Once downloaded, install the software on your computer.
Now extract the user profile archive you obtained from the server; you will get a file with the .ovpn extension. Right-click that file and you will see an option saying Start OpenVPN on this Config File.
Click the option and you will see a prompt to enter the Auth username and password. Enter the username and PIN that we set when creating the user. If the credentials are correct you will be connected directly to the private network.
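Before handing a downloaded .ovpn file to the OpenVPN client, it can be compared with the settings chosen on the server. The following Python sketch is an added example, not part of the original tutorial or of Pritunl: it parses standard OpenVPN client directives and inline blocks, then reports a remote that does not match, a missing auth-user-pass directive (no username/PIN prompt) and an inline private key. The sample profile, the host name and the function names are constructed, and the profile is assumed to carry its key inline in a key block.

```python
# Constructed sample profile (not copied from a real Pritunl server).
SAMPLE_OVPN = """\
client
dev tun
proto udp
remote vpn.example.com 1194
auth-user-pass
<key>
(placeholder, no real key material)
</key>
"""


def parse_ovpn(text):
    """Return (directives, inline_block_names) from OpenVPN client config text."""
    directives, blocks, inside = {}, set(), None
    for raw in text.splitlines():
        line = raw.strip()
        if inside:  # skip the contents of an inline <tag>...</tag> block
            if line == "</%s>" % inside:
                inside = None
        elif line.startswith("<") and line.endswith(">"):
            inside = line[1:-1]
            blocks.add(inside)
        elif line and line[0] not in "#;":  # ignore blanks and comments
            name, *args = line.split()
            directives.setdefault(name, []).append(args)
    return directives, blocks


def audit_profile(text, host, port, proto):
    """Compare a profile with the server settings (hypothetical helper)."""
    d, blocks = parse_ovpn(text)
    protos = [a[0] for a in d.get("proto", []) if a]
    default_proto = protos[0] if protos else "udp"  # OpenVPN defaults to udp
    # "remote host [port] [proto]"; OpenVPN's default port is 1194.
    remotes = [(a[0], a[1] if len(a) > 1 else "1194",
                a[2] if len(a) > 2 else default_proto)
               for a in d.get("remote", []) if a]
    findings = []
    if (host, str(port), proto) not in remotes:
        findings.append("remote does not match %s:%s/%s" % (host, port, proto))
    if "auth-user-pass" not in d:
        findings.append("no auth-user-pass: no username/PIN prompt")
    if "key" in blocks:
        findings.append("inline private key: store and send as a secret")
    return findings
```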
You can download the Pritunl Client using this link. Once it is installed, you can directly import the profile configuration files or Pritunl profile links into the client.
In this tutorial we have learned how to install Pritunl on CentOS 7.x. Pritunl automates installing, configuring and running an OpenVPN server. You can now easily deploy a VPN server and use it for various applications.