By default, the command line console is used to configure and manage the OpenVPN server. For OpenVPN, there are several web interface administration panels (frontends) that allow you to perform routine operations (create users, create/revoke certificates, manage configuration files, etc.).
OpenVPN developers provide an official solution for implementing the web management interface – Access Server. Its main drawback is that it is a commercial product and the free version has a limit of two VPN connections to the server.
Access Server allows you:
- OpenVPN management via the web interface. CLI commands and API available;
- One-click creation of a new connection and configuration file;
- Restrict connections by client IP address;
- Supports multiple authentication methods for Open VPN (Active Directory, LDAP, Radius, PAM).
One of the best management web panels for OpenVPN is Pritunl. It is also a commercial product that has a very convenient web interface for OpenVPN and Wireguard management. Available for both Linux and Windows. With Pritunl you can deploy an OpenVPN server, manage users, certificates, and connections. The following features are supported: port forwarding, client configuration update on connection, deploying OpenVPN cluster configurations, RESTful API, built-in monitoring, and much more.
We recommend Webmin with the OpenVPN-admin module as a free control panel for OpenVPN with basic functionality. You can deploy Webmin on any Linux host.
Let’s see how to install Webmin + OpenVPN-admin on Ubuntu.
Install the OpenVPN packages:
$ sudo apt install openvpn easy-rsa
Add Webmin repository
$ sudo mcedit /etc/apt/sources.list
Add the following to the configuration file:
deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib
Install the GPG keys:
$ sudo wget http://www.webmin.com/jcameron-key.asc $ sudo apt-key add jcameron-key.asc
$ sudo apt update $ sudo apt install webmin
Open Webmin web interface: https://ip_server_address:10000
Download the module http://www.openit.it/downloads/OpenVPNadmin/openvpn-3.2.wbm.gz to your computer.
In the Webmin web interface, go to Webmin -> Webmin Configuration -> Webmin Modules -> Install Module -> From uploaded file. Select the file you download earlier.
Go to Servers -> OpenVPN + CA -> Certification Authority List and create a new CA.
Select the Key list of your CA and create a server key (Key Server = server).
Then create a client key in the same way.
Now go to OpenVPN + CA -> VPN List and create a new VPN server configuration for your CA.
Configure your OpenVPN server settings.
Now you can create clients: OpenVPN + CA -> VPN List -> OpenVPN Server -> Client List. Create a client configuration (select a client certificate, specify the IP address to connect to your OpenVPN server, and the connection port)
Click Start to run the OpenVPN server daemon.
Now go to Client List and download OVPN file for client connection.