How To Install Pritunl VPN on Debian / Proxmox VE

Posted on 60 views

In today’s article we shall look at the steps required to install and configure Pritunl VPN on Debian 11 / Debian 10 / Proxmox VE. Pritunl VPN is an opensource VPN server that you can adopt as an alternative to Aviatrix and Pulse Secure solutions. In Pritunl all configurations are done from a web interface which makes it easy to manage irregardless of the size of an organization or complexity of where it’s deployed. Security is a top priority in Pritunl solution, all traffic between clients and the server is encrypted. You can optionally enable two-step authentication using Google Authenticator.

Here are some notable features of Pritunl VPN;

  • It has support for multi-cloud VPN peering
  • It is simple to install, configure and manage
  • You can configure upto five layers of authentication giving it better security.
  • Wireguard and OpenVPN clients are supported
  • Highly scalable for upto thousands of users – both in Cloud and On-prem infrastructures
  • Can be configured for multi-cloud site-to-site links with VPC peering. VPC peering is available for Google Cloud, AWS, Azure and Oracle Cloud.
  • Interconnect AWS VPC networks across AWS regions and provide reliable remote access with automatic failover that can scale horizontally

Architecture of Pritunl VPN

Pritunl VPN presents a distributed and scalable infrastructure that can be easily scaled to thousands of users. MongoDB clusters can be deployed in HA setup to guarantee availability of VPN system in your environment. Pritunl works on client-server architecture, where user profiles are downloaded on clients, while servers and users are configured on the VPN server.

Pritunl is built on MongoDB – a highly scalable, and reliable NoSQL database solution. MongoDB has support for replication that can be done in minutes making a Pritunl cluster deployment fast and easy.

Setup Pritunl VPN on Debian 11 / Debian 10 / Proxmox VE

In this section we’ll discuss the installation and configurations of Pritunl VPN server on Debian 11 / Debian 10 / Proxmox VE. We recommend you perform this installation on a fresh installation of Debian Linux. Also ensure you access the server as user with sudo privs or as root user.

Step 1: Update Debian system

Login to your Debian machine and perform an update and optionally upgrade all packages on the system.

sudo apt update && sudo apt -y full-upgrade

After updates are committed, check if a reboot is required on the system.

[ -f /var/run/reboot-required ] && sudo reboot -f

Step 2: Add MongoDB and Pritunl repositories

Install basic utility packages required for this operation:

sudo apt update
sudo apt install gpg curl gnupg2 software-properties-common apt-transport-https lsb-release ca-certificates

Import MongoDB APT repository keys to your system.

curl -fsSL https://www.mongodb.org/static/pgp/server-5.0.asc|sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/mongodb-5.gpg

Import Pritunl VPN GPG keys:

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7AE645C0CF8E292A
Executing: /tmp/apt-key-gpghome.6ZjhVSgCdC/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com --recv 7AE645C0CF8E292A
gpg: key 7AE645C0CF8E292A: public key "Pritunl " imported
gpg: Total number processed: 1
gpg:               imported: 1

Add Pritunl repository:

echo "deb http://repo.pritunl.com/stable/apt $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/pritunl.list

Add Mongodb repository by running the commands below:

echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list

Step 3: Install Pritunl and MongoDB

With both repositories added and confirmed to be working let’s proceed to install pritunl and mongo-server packages.

sudo apt update
sudo apt install mongodb-org  pritunl 

Now start and enable Pritunl and MongoDB as below:

sudo systemctl start pritunl mongod
sudo systemctl enable pritunl mongod

Step 4: Configure Pritunl VPN Server

Our Pritunl VPN server is now installed and running. Next we access its web console on a web browser server’s IP to configure it. http://.

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-1

You’ll need Setup Key to proceed. Run the command setup-key to generate it:

$ sudo pritunl setup-key 
c76683c87efe4774887a9a223a2f1fd6

Once you enter the setup-key and mongodb url, it will prompt you for username and password.

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-7

The default username and password are obtained with the below command:

$ sudo pritunl default-password
[undefined][2022-06-28 15:13:50,043][INFO] Getting default administrator password
Administrator default password: 
 username: "pritunl" 
 password: "vzjTDicF92Ol"

You’ll land on a page like below where you can change admin user and password, set domain and Let’s Encrypt SSL.

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-2-1024x421

Next configure organizations, users and servers.

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-1024x287

VPN users are added by clicking on ‘Users’. Users are mapped to server in an organization.

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-3-1024x194

To create a new organization click on ‘Add organization’ then specify a name and ‘Add’.

image-3

Create a VPN server by clicking on ‘servers’ then ‘Add server

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-9-1024x400

Provide server information required then click ‘Add’.

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-01-1024x565

Finally attach the server to an organization by clicking on ‘Attach organization’ and choosing your organization.

Adding users

Click on ‘Add user’ to create a user profile on your VPN server.

image-4

To add many users at once use the ‘Bulk Add user’ function on the web interface.

Step 5: Configure Pritunl Clients

Visit the Pritunl VPN clients page and choose one for your Workstation to download and install.

Once VPN client has been installed, login to Pritunl VPN server to download user profile. Click on ‘Users’ select the particular user and click on the download icon to get the user profile.

pritunl-download-user-profile-1024x108

Launch your Pritunl VPN client, then choose “Import Profile

How-to-install-pritunl-vpn-server-on-ubuntu-20.04-04

Locate user’s profile .tar file downloaded and import it, then you’ll be able to connect to Pritunl VPN server.

 

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.