Step 1: Initialize OpenVPN using Docker

Objective: Create an OpenVPN Docker container using the default configuration.

6.1.1. Choosing a VPN port

Before you begin, choose a UDP port (or ports) that you want to use for your OpenVPN connection. You might ask, why does a port matter?

Outgoing port restrictions

Some networks restrict ports to control outgoing traffic. For example, a network wants to prevent torrents (port ranges 6700-6999) or defend again viruses that use Window’s file sharing (135-139). A network might block the VPN port 1194 intentionally.

  • Using a common port can by-pass that restriction.

Seeking to be anonymous

Using port 1194 announces to your ISP or network admin that you are using a VPN. You might want to hide that you are using a VPN.

  • Using another port can help mask a VPN tunnel.

  • It takes a sophisticated operation to detect a VPN.

  1. Browse the List of TCP and UDP port numbers from Wikipedia.

  2. Select a well-known UDP port that is likely to be open (DNS, NTP), that masks your usage (masquerade your data as a streaming video or game), or pick a port at random.

    Suggested UDP Ports

    UPD Port Number



    Secure Shell (SSH)


    Domain Name System (DNS)


    Network Time Protocol (NTP)



    Real Time Streaming Protocol (RTSP)




    Post Office Protocol 3 over TLS/SSL (POP3S)


    Real Time Messaging Protocol (RTMP)


    VLC media player default port for UDP/RTP stream


    VoIP providers (ports 10000-20000)




    Xbox LIVE



    Real-time Transport Protocol media data (RTP)




    Dropbox LanSync Protocol (db-lsp)



  3. Open the port in your firewall.

    • Typically, VPNs use UDP instead of TCP.

    • We can open a port on the firewall to accept UDP traffice only.

    • For example, this command open ports 123 using UDP. The firewall rejects TCP requests using port 123.

ufw allow 123/udp

6.1.2. Set up the Docker Container


This page is based on @gurayy’s Set Up a VPN Server With Docker In 5 Minutes blog post.

  • We will make some configuration changes.

  1. Follow the Set Up a VPN Server With Docker In 5 Minutes guide

  2. Note the following changes

    1. Replace $PWD with /root for all instances

      • $PWD returns or displays the current directory.

      • This path will become incorrect if the user is not in the home directory.

    2. Replace IP_ADDRESS:3000 with the IP address of your VPS.

    3. Replace the port (3000) with a port of your choice.

    4. Add the --name flag to the run command that starts the daemon process


Example of changes

Verify the Installation

At this point, you should have OpenVPN running in a Docker container and the configs files stored in ~/vpn-data.

Verify that:

  1. the firewall accepts UDP connections on the specified port.

  2. the Docker container is running.

    • You should see your running OpenVPN container with an exposed port mapped to 1194.

  3. the configuration files are in directory ~/vpn-data.

    root@vps298933:~# ls -lh ~/vpn-data/
    total 20K
    drwxr-xr-x 2 root root 4.0K Apr 18 21:04 ccd
    -rw-r--r-- 1 root root  650 Apr 18 21:06 crl.pem
    -rw-r--r-- 1 root root  642 Apr 18 21:04 openvpn.conf
    -rw-r--r-- 1 root root  813 Apr 18 21:04
    drwx------ 6 root root 4.0K Apr 18 21:09 pki
  4. you have a file with an extension .ovpn in the root (~) directory.

  5. Edit the .ovpn file using nano or another editor and verify that the IP address, port and protocol are correct.

The configuration might work on some systems, but there is a configuration error that prevents the client from communicating with the VPN server. Please continue to the next step to correct the invalid configuration.