Setting up your own OpenVPN server on a Windows VPS gives you full control over your VPN connection for secure internet access, remote access to internal services, or bypassing restrictions.
???? Requirements
-
A Windows VPS (Server 2019, 2022, or 2025)
-
Admin/root access
-
Internet connection
-
OpenVPN Community Edition
???? Step-by-Step Guide
1. Download OpenVPN
-
Visit the official OpenVPN website:
-
Download the Windows installer under OpenVPN Community Edition.
⚠️ Choose the correct version for your system (usually Windows 64-bit).
2. Install OpenVPN
-
Run the downloaded .exe file as Administrator.
-
Accept the license agreement and use default installation options.
-
Allow installation of any virtual network drivers (TAP-Windows Adapter).
3. Configure EasyRSA for Certificate Management
OpenVPN uses certificates for secure authentication. Use EasyRSA (included in installation) to generate these:
a) Navigate to EasyRSA directory:
C:\Program Files\OpenVPN\easy-rsa
b) Open Command Prompt as Admin and run:
cd "C:\Program Files\OpenVPN\easy-rsa"
EasyRSA-Start.bat
c) Initialize PKI and build certificates:
./easyrsa init-pki
./easyrsa build-ca nopass
./easyrsa gen-req server nopass
./easyrsa sign-req server server
./easyrsa gen-dh
./easyrsa gen-crlThese commands create the Certificate Authority (CA), server certificate, and Diffie-Hellman parameters.
4. Configure OpenVPN Server
a) Create server config file:
Navigate to:
C:\Program Files\OpenVPN\configCreate a file named server.ovpn with the following content:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
crl-verify crl.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 3Make sure to copy the generated .crt, .key, .pem, and .crl files into this folder.
5. Allow OpenVPN Port in Windows Firewall
-
Go to Control Panel > Windows Defender Firewall > Advanced Settings.
-
Add an Inbound Rule to allow UDP port 1194.
6. Start OpenVPN Server
-
Right-click the OpenVPN GUI icon on the desktop.
-
Select Run as Administrator.
-
Right-click the OpenVPN tray icon > Connect.
✅ The server will now start running on port 1194.
7. Create Client Config File
Create a .ovpn file for each client using the certificates and include:
client
dev tun
proto udp
remote YOUR_SERVER_IP 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-256-CBC
verb 3Send the .ovpn config and the corresponding certificate files to your client device.
???? Security Tips
-
Use a strong password for your VPS.
-
Don’t share your .ovpn file publicly.
-
Consider changing the default port for additional security.
