You will need root access on a server running Ubuntu Linux 16.04 or later. Although any Debian-based Linux distribution should work, we recommend Ubuntu Linux at this time. Note that
systemd is required.
Go to the Pilvy VPN Server site to obtain the latest version of the server installation package.
# wget https://www.pilvy.com/downloads/pilvy-vpnserver_x.y.z_amd64.deb # dpkg -i pilvy-vpnserver_x.y.z_amd64.deb
The installer will automatically generate a public key infrastructure (PKI), with a root and intermediate certificate authority (CA), as well as a signed client keypair.
For production use, you should regenerate the PKI on a secure machine, not connected to the network, as maintaining the security of the PKI private keys is of paramount importance. If you have an existing PKI, you may of course use that as well.
Pilvy VPN Server supports a number of different authentication methods, but the simplest is to use a SQLite database. You can manage users from the command line with the
vpnadmin tool. Let's create our first user:
# vpnadmin users create alice
Default PKCS12 Identity Password
The default password to decrypt the PKCS12 identity is: secret
At server installation time, a sample configuration profile is generated. You can find it in the
/etc/vpnserver/pki-tools/clients directory on the server. Transfer the
client.vpntoolkit file to a client machine (or email it to yourself).
- Download Pilvy VPN from the App Store
- Open the Mail app and find the email containing the
- Open the attachment with Pilvy VPN
- Flip the switch to connect
- Enter the credentials you created above when prompted
After download the desktop app, click on the tray menu app icon, navigate to the Advanced menu, and click Import Configuration. Browse to the
client.vpntoolkit file you downloaded from the VPN server and open it. Finally, select the Connect menu item.
Download one of the CLI apps from the website, and connect:
Administrative Privileges Required
You will need to use the
sudo command on Mac and Linux since the client needs to modify the machine's network configuration. On Windows, you should first install the tray app before using the CLI tool, as a network driver needs to be installed.
# vpnclient --profile client.vpntoolkit --username alice
You will be asked to enter the password.
At this point, you will be connected, and all traffic will be routed through the VPN server.
Congratulations! You have successfully deployed a VPN server that's ready for action. Next up, see how you can customize the Server Configuration to suit your specific needs.