How to Install OpenVPN Access Server in the Cloud

The Problem — Why Most People Need a VPN and Don't Have One

Let's start with the real problem.

Most businesses and developers face at least one of these situations every day:

The Remote Work Problem Your team works from home, cafes, and co-working spaces. They connect to company servers and databases over public Wi-Fi — completely exposed. Anyone on the same network can potentially intercept that traffic.

The Developer Problem You built a staging server on Vultr. To keep it secure, you want only your team to access it. But opening it to the public internet means anyone can try to break in. Restricting by IP doesn't work because your team's IPs keep changing.

The Business Owner Problem Your employees access internal tools, CRMs, and databases remotely. You have no way to ensure that connection is secure. A data breach could cost you customers, reputation, and compliance.

The Privacy Problem You use commercial VPN services — but they log your data, throttle your speed, and you have no idea what they do with your information.

The Solution to All Four Problems A self-hosted OpenVPN Access Server on your own Vultr cloud server.

Here is what it gives you:

1. All traffic encrypted between your team and your server
2. Only VPN-connected devices can access your internal resources
3. No third party logs your data — you own the server, you own the data
4. Works on every device — Windows, Mac, Linux, iOS, Android
5. Costs just a few dollars a month on Vultr

This guide shows you exactly how to set it up — from a blank Vultr server to a fully working VPN your team can connect to today.

Why OpenVPN Access Server — and Why Vultr?

Before we get into the installation, let's quickly address two common questions.

Why OpenVPN Access Server and not regular OpenVPN?

There are two versions of OpenVPN:

Regular OpenVPN (Community Edition)

1. Free and open source
2. Requires manual config file management
3. No web interface — everything via terminal
4. Steep learning curve for non-technical users

OpenVPN Access Server

1. Includes a clean web-based Admin panel
2. Auto-generates client connection profiles
3. Easy user management without touching terminal
4. 2 simultaneous connections free
5. Perfect for small teams, businesses, and beginners

For most real-world use cases — especially when you need non-technical team members to connect — Access Server wins easily.

Why Vultr specifically?

At CloudHouse, we recommend Vultr for most client cloud setups because:

1. Plans available for every budget and client requirement
2. Global server locations — pick the region closest to your team
3. Simple, clean control panel — easy for anyone to manage
4. High-frequency NVMe SSD storage for fast performance
5. Transparent hourly billing

Who is this guide for?

This guide is written for all three audiences:

Developers — set up a private network for your servers and projects in under an hour.

Business Owners — give your remote team secure access to company resources without expensive enterprise VPN solutions.

Beginners — every step is explained clearly with no assumed knowledge required.

Before You Start — What You Need

Getting this right before you begin saves hours of troubleshooting later.

Your Vultr Server Checklist

1. OS: Ubuntu 22.04 LTS — must use this version
2. RAM: 1GB minimum — 2GB recommended
3. Storage: 25GB SSD minimum
4. CPU: 1 vCPU minimum
5. Root SSH access confirmed and working
6. Server plan and region: as per your client or team requirements

Firewall Ports — Open These Before Starting

This is where most first-time setups fail. Open these ports in your Vultr firewall settings before doing anything else:

1. Port 22 — SSH (to connect to your server)
2. Port 443 — HTTPS (OpenVPN tunnel traffic)
3. Port 943 — OpenVPN Admin Web UI
4. Port 1194 UDP — OpenVPN VPN tunnel

How to open ports in Vultr:

1. Go to your Vultr control panel
2. Click on your server
3. Go to Firewall settings
4. Add each port listed above
5. Save changes

Your Local Setup Checklist

1. Terminal app — Mac/Linux users already have this built in
2. PuTTY — Windows users download from putty.org (free)
3. Your server IP address — from Vultr dashboard
4. Root password or SSH key — from Vultr dashboard

Optional but Recommended

1. A domain or subdomain pointing to your server IP — for example vpn.yourdomain.com
2. This gives you a clean URL for the Admin panel instead of a raw IP address

Free vs Paid — Know This Before Starting

OpenVPN Access Server is free for up to 2 simultaneous VPN connections.

If your team needs more than 2 people connected at the same time — you will need to purchase additional licences from openvpn.net before deploying to production.

For testing and small teams — 2 connections is enough to get started right now.

The Fix — Installing OpenVPN Access Server Step by Step

Here is the complete installation process. Follow each step in order — do not skip any.

Step 1 — Connect to Your Vultr Server

Open your terminal and connect via SSH: ssh root@your-server-ip

Replace your-server-ip with the IP from your Vultr control panel.

Step 2 — Update Your Server

sudo apt update && sudo apt upgrade -y

Always do this first on a fresh server. This ensures all existing packages are current before you add anything new.

Step 3 — Install Required Dependencies

sudo apt install -y ca-certificates wget
net-tools gnupg curl

These tools are needed to add the official OpenVPN repository securely.

Step 4 — Add the Official OpenVPN Repository

sudo mkdir -p /etc/apt/keyrings

curl -fsSL https://as-repository.openvpn.net/as-repo-public.gpg
| sudo gpg --dearmor
-o /etc/apt/keyrings/as-repository.gpg

echo "deb [arch=amd64
signed-by=/etc/apt/keyrings/as-repository.gpg]
https://as-repository.openvpn.net/as/debian
jammy main"
| sudo tee /etc/apt/sources.list.d/openvpn-as-repo.list

Why do this? Installing from the official OpenVPN repository ensures you always get the latest verified version — not an outdated package from Ubuntu's default repos.

Step 5 — Install OpenVPN Access Server

sudo apt update sudo apt install -y openvpn-as

This will take a minute or two. When it finishes, OpenVPN will print important information on your screen.

Step 6 — Save Your Login Details

Immediately after installation completes, your terminal will show something like this:

Admin UI: https://your-server-ip:943/admin Client UI: https://your-server-ip:943/

Login as "openvpn" with this password: [auto-generated password displayed here]

Copy and save this password right now. If you miss it, you will need to reset it.

Step 7 — Change the Default Password

Never keep the auto-generated password. Change it immediately: sudo passwd openvpn

Enter and confirm your new strong password.

Step 8 — Verify OpenVPN is Running

sudo systemctl status openvpnas

Look for: active (running) shown in green.

If it is not running: sudo systemctl start openvpnas sudo systemctl enable openvpnas

ssh root@your-server-ip
sudo apt update && sudo apt upgrade -y
sudo apt install -y ca-certificates wget net-tools gnupg curl
sudo apt update && sudo apt install -y openvpn-as
sudo passwd openvpn
sudo systemctl status openvpnas
sudo systemctl start openvpnas
sudo systemctl enable openvpnas

Configuring the Admin Panel — Making It Work for Your Team

OpenVPN is installed. Now let's configure it so your team can actually connect.

Access the Admin Panel

Open your browser and go to: https://your-server-ip:943/admin

Your browser will show a security warning because the certificate is self-signed. This is completely normal for a fresh install.

Click Advanced then Proceed to continue.

Login with: Username: openvpn Password: the password you set in Step 7

First Time Setup

Accept the licence agreement when prompted. Keep default settings for now — we will adjust the important ones below.

The 4 Settings That Actually Matter

1. Your Server's Public IP Go to: Configuration → Network Settings Make sure your Vultr server IP is correctly set here. If it was not auto-detected, enter it manually.

2. Traffic Routing Go to: Configuration → VPN Settings Turn ON "Route all client traffic through the VPN" if you want full privacy for your team's internet traffic. Leave it OFF if you only need access to your internal servers — not full routing.

3. DNS Settings Still in VPN Settings — set these DNS servers: Primary DNS: 8.8.8.8 Secondary DNS: 8.8.4.4 This prevents DNS leaks and keeps browsing private.

4. Adding Your Team Members Go to: User Management → User Permissions Click Add New User Set a username and password for each team member who needs VPN access.

Save and Apply Changes

After every change in the Admin panel:

1. Click Save Settings at the bottom
2. Then click Update Running Server

This applies your changes without restarting the server.

Common Problem at This Stage

Problem: Admin panel shows 502 Bad Gateway Solution: OpenVPN service may have stopped. Run: sudo systemctl restart openvpnas Then try accessing the Admin panel again.

Connecting Your Team — Every Device, Every Platform

The server is set up. Now let's get your team connected — on any device.

Step 1 — Download OpenVPN Connect App

OpenVPN Connect is the free official client:

Windows and Mac: Visit openvpn.net/client and download the version for your operating system.

iOS: Search "OpenVPN Connect" in the App Store.

Android: Search "OpenVPN Connect" in the Play Store.

Linux: sudo apt install openvpn -y

Step 2 — Get Your Connection Profile

Each user logs into the Client UI:

1. Open browser and go to: https://your-server-ip:943/

2. Login with the username and password you set in the Admin panel

3. Download either: • Yourself (user-locked profile) — easiest option for most users • Auto-login profile — connects automatically without password prompt

Step 3 — Import and Connect

Windows, Mac, iOS, Android:

1. Open OpenVPN Connect app
2. Click the + button or Import Profile
3. Upload the .ovpn file from Step 2
4. Click Add then Connect
5. Enter password if prompted

Linux via Terminal: sudo openvpn --config your-profile.ovpn

Step 4 — Verify It is Working

The fastest way to check:

1. Go to whatismyip.com in your browser
2. Your IP should now show your Vultr server IP — not your real IP address

If it shows your Vultr server IP — your VPN is working perfectly.

If it still shows your real IP:

1. Check that routing is enabled in VPN Settings in the Admin panel
2. Disconnect and reconnect the client
3. Check that port 1194 UDP is open in your Vultr firewall

Quick Connection Checklist

1. OpenVPN Connect app installed
2. .ovpn profile downloaded from Client UI
3. Profile imported into the app
4. Connected and IP verified at whatismyip.com

sudo apt install openvpn -y
sudo openvpn --config your-profile.ovpn

After Installation — Keeping Your VPN Secure and Updated

Installation is done. But the job is not finished. Here is what to do after your VPN is live to keep it secure and running.

Keep OpenVPN Updated

OpenVPN releases security patches regularly. Run this monthly on your server:

sudo apt update sudo apt upgrade openvpn-as -y sudo systemctl restart openvpnas

Never skip updates on a VPN server — security vulnerabilities in VPN software are a prime target for attackers.

The Most Important Security Rules

1. Change Passwords Regularly Update your openvpn admin password every few months: sudo passwd openvpn

2. Remove Users Who Leave When a team member leaves, immediately remove their VPN access: Go to Admin panel → User Management → Delete their account

3. Keep Port 22 Restricted Consider restricting SSH access to known IPs only in your Vultr firewall. This prevents brute force attacks on your server.

4. Monitor Connected Users In the Admin panel go to: Current Users → Connected Clients Regularly check who is connected. If you see an unknown user — remove them immediately.

5. Back Up Your Config After any Admin panel changes — export your configuration as a backup: Go to Admin panel → Maintenance → Backup/Restore → Download Backup

Quick Troubleshooting Reference

Problem: Cannot access Admin panel Fix: sudo systemctl restart openvpnas

Problem: Client connects but no internet Fix: Enable routing in VPN Settings and check DNS is set to 8.8.8.8

Problem: SSL certificate warning in browser Fix: Normal for self-signed cert — click Advanced then Proceed

Problem: Port 1194 not working Fix: Check Vultr firewall — ensure UDP port 1194 is open

Problem: User cannot connect Fix: Check their username and password in Admin panel → User Management

sudo apt update
sudo apt upgrade openvpn-as -y
sudo systemctl restart openvpnas
sudo passwd openvpn

Conclusion

You started with a real problem — insecure remote access, exposed servers, or privacy concerns. You now have a real solution — a self-hosted OpenVPN Access Server running on your own cloud server.

Here is what you accomplished:

1. Installed OpenVPN Access Server on Vultr
2. Configured it via the web Admin panel
3. Added users and set up routing and DNS
4. Connected clients on any device
5. Learned how to keep it secure and updated

This guide was prepared by Sanjai, Junior DevOps Engineer at CloudHouse Technologies, based on thorough research of official OpenVPN and Ubuntu latest 2026 documentation

If you need help with your cloud infrastructure or VPN setup, reach out to us at cloudhousetechnologies.com — our team is always happy to help.