Were you concerned about the security of your internet connection outside your office or home?

Or wanna connect your entertaining or working environment on the street like the cloud service?

The self-hosting OpenVPN service can help you, and sure, for free 100%, same as IKEv2 ipsec.

So, for instance, a small office environment.

What you need as below

  • Connectable internet and a router from your internet service provider
  • A Linux server, or a NAS with Docker.
  • A dedicated fixed IP address or DDNS

If you don’t have the docker, you can follow the steps on the website below to deploy the docker first.


So, we use Debian 11 Linux with Docker as an example. You can follow the steps the deploy it yourself.

use the command below to create your OpenVPN config file.

In this sample, we assume the server domain is chriscn.cn, and your config file hosts in /etc/openvpn.

You can modify it as you wish.

docker run -v /etc/openvpn:/etc/openvpn –rm kylemanna/openvpn ovpn_genconfig -u udp://chriscn.cn

You can get your config file openvpn.conf.

And then use the command below to create your server’s certification.

docker run -v /etc/openvpn:/etc/openvpn –rm -it kylemanna/openvpn ovpn_initpki

Please ensure you remember what you put in.

The default port OpenVPN used in the config file is 1194/UDP, and sure you can modify it.

And then use the command below to run your OpenVPN container.

docker run -v /etc/openvpn:/etc/openvpn -d -p 1194:1194/udp –name OpenVPN –cap-add=NET_ADMIN kylemanna/openvpn

At last, we can use the command below to create your user name user certification.

docker run -v /etc/openvpn:/etc/openvpn –rm -it kylemanna/openvpn easyrsa build-client-full chris
docker run -v /etc/openvpn:/etc/openvpn –rm kylemanna/openvpn ovpn_getclient chris > chris.ovpn

Please remember the password of your user certification.

You can find It in /etc/openvpn/

So, Until now, the OpenVPN server deployment has already been finished, and the OpenVPN running at UDP:1194 on this server.

Next, we have to port forward the router’s UDP:1194 from WAN to this server, as the sample below.

At last, we just need to put the cert file to your devices and deploy the cert, so all you need to do were finish.

and then use your OpenVPN application to load the certification file.

The only thing you have to do is enjoy it.