If you're looking for a VPN server to big in-house, look nary further than the AlmaLinux/Pritunl combination. See however casual it is to get this work up and running.
Pritunl is an unfastened root VPN server you tin easy instal connected your Linux servers to virtualize your backstage networks. This peculiar VPN solution offers a well-designed web UI for casual medication and management. All postulation betwixt clients and server is encrypted and the work uses MongoDB, which means it includes enactment for replication.
I've walked you done the process of installing Pritunl connected Ubuntu Server 20.04 and present I privation to bash the aforesaid with AlmaLinux 8.5. You should beryllium capable to get this VPN solution up and moving successful minutes.
SEE: Password breach: Why popular civilization and passwords don't premix (free PDF) (TechRepublic)
What you'll request
To successfully instal Pritunl connected AlmaLinux, you'll request a running/updated lawsuit of the OS and a idiosyncratic with sudo privileges. You'll besides request a domain sanction that points to the hosting server (so users tin entree the VPN from extracurricular your network).
How to configure the firewall
The archetypal happening we'll bash is configure the AlmaLinux firewall. Let's commencement by allowing some HTTP and HTTPS postulation successful with the commands:
sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --permanent --add-service=httpsThen, we'll reload the firewall with:
sudo firewall-cmd --reloadHow to instal MongoDB
Next, we'll instal the MongoDB database. Create a caller repo record with:
sudo nano /etc/yum.repos.d/mongodb-org-4.4.repoPaste the pursuing into the caller file:
[mongodb-org-4.4] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-4.4.ascNote: There's a newer mentation of MongoDB (version 5), but I person yet to successfully get it to instal connected AlmaLinux. Because of that, I'm going with mentation 4.4.
Save and adjacent the file.
Install MongoDB with:
sudo dnf instal mongodb-org -yStart and alteration MongoDB with:
sudo systemctl alteration --now mongodSEE: <strong>VPN and mobile VPN: How to prime the champion information solution for your company</strong> (TechRepublic Premium)
How to instal Pritunl Server
Next, we'll instal Pritunl. Create the repo record with:
sudo nano /etc/yum.repos.d/pritunl.repoIn that file, paste the following:
[pritunl] name=Pritunl Repository baseurl=https://repo.pritunl.com/stable/yum/centos/8/ gpgcheck=1 enabled=1Save and adjacent the file.
Install the EPEL repository with:
sudo dnf instal epel-release -yImport the Pritunl GPG keys with:
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > key.tmp; sudo rpm --import key.tmp; rm -f key.tmpInstall Pritunl with the command:
sudo dnf instal pritunl -yWhen the installation completes, commencement and alteration the work with:
sudo systemctl alteration pritunl --nowHow to summation the Open File Limit
To forestall transportation issues to the Pritunl server erstwhile it's nether a higher load, we request to summation the unfastened record limit. To bash this, contented the pursuing commands:
sudo sh -c 'echo "* hard nofile 64000" >> /etc/security/limits.conf' sudo sh -c 'echo "* brushed nofile 64000" >> /etc/security/limits.conf' sudo sh -c 'echo "root hard nofile 64000" >> /etc/security/limits.conf' sudo sh -c 'echo "root brushed nofile 64000" >> /etc/security/limits.conf'How to entree the Pritunl web UI
Give the work a infinitesimal to commencement and past constituent a web browser to https://SERVER (where SERVER is either the IP code oregon domain of the hosting server). You should beryllium greeted by the Pritunl database setup model (Figure A).
Figure A
To continue, you indispensable make a setup cardinal with the bid (run connected the hosting server):
sudo pritunl setup-keyThis volition make a random drawstring of characters that you transcript and paste into the Setup Key substance country of the Pritunl database setup window. After pasting the key, click Save and hold for the database to beryllium upgraded. You volition past beryllium presented with the Pritunl login window. Before you log in, you indispensable retrieve the default login credentials with the command:
sudo pritunl default-passwordThe supra bid volition people retired some the username and password for you to usage to log into the Pritunl web UI. Make definite to prevention those credentials. Once you've successfully logged in, you'll beryllium prompted to alteration the admin user's password and implicit the archetypal setup (Figure B).
Figure B
And determination you go. You present person the Pritunl VPN server up and moving connected AlmaLinux 8.5. At this point, you tin configure the server to conscionable the needs of your concern and users.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays
Sign up todayAlso spot
- NIST Cybersecurity Framework: A cheat expanse for professionals (free PDF) (TechRepublic)
- What are mobile VPN apps and wherefore you should beryllium utilizing them (TechRepublic Premium)
- How to go a cybersecurity pro: A cheat sheet (TechRepublic)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)
Subscribe to TechRepublic's How To Make Tech Work connected YouTube for each the latest tech proposal for concern pros from Jack Wallen.