Objective: Create an OpenVPN Docker container using the default configuration.
Before you begin, choose a UDP port (or ports) that you want to use for your OpenVPN connection. You might ask, why does a port matter?
- Outgoing port restrictions
Some networks restrict ports to control outgoing traffic. For example, a network might want to block torrents (port range 6700-6999) or defend against viruses that use Windows file sharing (135-139). A network might block the VPN port
Using a common port can bypass that restriction.
- Seeking to be anonymous
1194 announces to your ISP or network admin that you are using a VPN. You might want to hide that you are using a VPN.
Using another port can help mask a VPN tunnel.
It takes a sophisticated operation to detect a VPN.
Browse the List of TCP and UDP port numbers from Wikipedia.
Select a well-known UDP port that is likely to be open (DNS, NTP), that masks your usage (masquerade your data as a streaming video or game), or pick a port at random.
UDP Port Number
Secure Shell (SSH)
Domain Name System (DNS)
Network Time Protocol (NTP)
Real Time Streaming Protocol (RTSP)
Post Office Protocol 3 over TLS/SSL (POP3S)
Real Time Messaging Protocol (RTMP)
VLC media player default port for UDP/RTP stream
VoIP providers (ports 10000-20000)
Real-time Transport Protocol media data (RTP)
Dropbox LanSync Protocol (db-lsp)
Open the port in your firewall.
Typically, VPNs use UDP instead of TCP.
We can open a port on the firewall to accept UDP traffic only.
For example, this command opens port 123 for UDP. The firewall rejects TCP requests on port 123.
ufw allow 123/udp
This page is based on @gurayy’s Set Up a VPN Server With Docker In 5 Minutes blog post.
We will make some configuration changes.
Follow the Set Up a VPN Server With Docker In 5 Minutes guide
Note the following changes
/root for all instances
$PWD returns or displays the current directory.
This path will become incorrect if the user is not in the home directory.
IP_ADDRESS:3000 with the IP address of your VPS.
Replace the port (3000) with a port of your choice.
--name flag to the run command that starts the daemon process
At this point, you should have OpenVPN running in a Docker container and the
config files stored in
the firewall accepts UDP connections on the specified port.
the Docker container is running.
You should see your running OpenVPN container with an exposed port mapped to
the configuration files are in directory
~/vpn-data.

    root@vps298933:~# ls -lh ~/vpn-data/
    total 20K
    drwxr-xr-x 2 root root 4.0K Apr 18 21:04 ccd
    -rw-r--r-- 1 root root  650 Apr 18 21:06 crl.pem
    -rw-r--r-- 1 root root  642 Apr 18 21:04 openvpn.conf
    -rw-r--r-- 1 root root  813 Apr 18 21:04 ovpn_env.sh
    drwx------ 6 root root 4.0K Apr 18 21:09 pki
    root@vps298933:~#

you have a file with an extension .ovpn in the root (
nano or another editor and verify that the IP address, port and protocol are correct.
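
The last check (IP address, port and protocol in the .ovpn file) can also be scripted instead of read by eye. This is an added example, not part of the original guide: the names check_ovpn_profile and write_sample_profile and the sample profile are constructed for illustration, and the script assumes the profile uses OpenVPN's `remote host [port] [proto]` and `proto` directives.

```sh
#!/bin/sh
# Added example, not from the original guide.
# check_ovpn_profile FILE HOST PORT PROTO
# Returns 0 when every "remote" entry in FILE points at HOST, PORT and PROTO;
# returns 1 on any mismatch or when the profile has no "remote" entry.
check_ovpn_profile() {
    awk -v host="$2" -v port="$3" -v proto="$4" '
        # udp4, udp6, tcp-client and tcp4-client all reduce to udp or tcp
        function norm(s) { sub(/-client$/, "", s); sub(/[46]$/, "", s); return s }
        /^[ \t]*[#;]/  { next }                      # comment lines
        $1 == "proto"  { global = $2 }               # profile-wide protocol
        $1 == "remote" { n++; h[n] = $2; p[n] = $3; r[n] = $4; ln[n] = NR }
        END {
            if (n == 0) { print "no remote directive found"; exit 1 }
            if (global == "") global = "udp"         # OpenVPN default protocol
            bad = 0
            for (i = 1; i <= n; i++) {
                gp = (p[i] == "") ? "1194" : p[i]    # OpenVPN default port
                gr = norm((r[i] == "") ? global : r[i])
                if (h[i] != host || gp != port || gr != norm(proto)) {
                    printf "line %d: %s %s/%s, expected %s %s/%s\n",
                           ln[i], h[i], gp, gr, host, port, proto
                    bad = 1
                }
            }
            exit bad
        }' "$1"
}

# Constructed sample profile; 203.0.113.10 is a documentation address.
write_sample_profile() {
    cat > "$1" <<'EOF'
client
dev tun
# remote 198.51.100.7 1194 udp
remote 203.0.113.10 123 udp
EOF
}

tmp=$(mktemp)
write_sample_profile "$tmp"
check_ovpn_profile "$tmp" 203.0.113.10 123 udp && echo "profile matches"
check_ovpn_profile "$tmp" 203.0.113.10 3000 udp || echo "profile needs editing"
rm -f "$tmp"
```

A non-zero exit status means at least one `remote` line would send the client to a different address, port or protocol than the one opened in the firewall.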
The configuration might work on some systems, but there is a configuration error that prevents the client from communicating with the VPN server. Please continue to the next step to correct the invalid configuration.