OpenVPN with uPNP support in 10 minutes

I would like to share a tutorial to get your own VPN with uPNP support.

Your client will go though the VPN completely and be mask by it.

This configuration fit well any tools like BitTorrent, or anything that need to open port on the fly to share data.

What do you need:

  • Host (VPS)
  • uPNP daemon
  • OpenVPN Server
  • OpenVPN Client

Host (VPS)

I suggest a cheap host with enough bandwidth to hold your own connexion.

  • FirstHeberg: for less that 1,5 euros you got 100Mbit/s with 20GB disk and 1GB ram

uPNP daemon

Install linux-igd, it contain a very simple daemon we can plug on OpenVPN connexion

OpenVPN Server

This is a configuration on Ubuntu. You may find the same tools on different other distributions.

You will need OpenVPN and easy-rsa to get a working OpenVPN server.

Let’s start the configuration :

Now we can use the tools to generate the necessary keys :

The “server” and “client” can be changed if you got several server and client.

If you need to build another client just run :

Everything is inside “keys” directory.

Now let’s create a OpenVPN Server configuration.

Now create the server.up and server.down script :

Activate the ip_forward in sysctl :

Create a masquerade rule that is fire on connexion up :

You can now start your server :

OpenVPN Client

You are now ready to get the configuration for your client.

You will need :

  • ca
  • client crt
  • client key
  • config file

On your client, create a vpn directory :

Now you can start your vpn client.

I will not go much on client, it depends on your platform. You need thoses 4 files for all of them.

Test if it works

  • MonIP: it should display the ip of your vps now
  • TorrentMyIP: it will confirm that your torrent works and has the right ip

You can also check in transmission configuration if the “port open” works.

Enjoy !


Short URL:
  • morgz84

    Thanks for this guide. It maybe two years old, but still relevant and has saved me from much woe and pain! Have spent much time, with no success in trying to run in TAP mode to an Android phone with expensive third party client. Now running routed VPN (via official client) again, with DLNA services. Should be noted however that the stock apps and VLC both expect a wifi connection before they will search the “local” network. BubbleUpnp has been my most successful app for streaming on mobile data.

  • Grant Johnston

    I like the other commenter have hit a brick wall trying to run a TAP connection on an Android device. My problem however has one other step involved.

    Previously I had run the OpenVPN server & Media server off the same machine and when I wanted to stream stuff I would login via VNC then restart my DLNA media server (Universal Media server) over the tun connection and it worked.

    However now my VPN server & media server are no longer on the same machine, so I somehow need to get my media server machine (MS) to be working in conjunction with VPN Server (VPNS) to broadcast over the VPN. Does anyone have any clue? I’ve been ramming my head against the wall for the better part of a week trying to figure this out.