Pritunl OpenVPN Server

Initial Configuration

Pritunl: https://ip_of_server:4433

The browser will show a warning such as "Your connection is not private". This is because Pritunl uses a self-signed certificate. Proceed anyway.

pritunl_warning


Retrieving the Pritunl Admin Credentials

pritunl_initial_setup

Pritunl will then ask you to issue a command from SSH so that you can retrieve your temporary admin credentials. Use the command below to get the username and password:

docker exec pritunl pritunl default-password

pritunl_admin_password


Pritunl Settings:

Once logged in to the Pritunl admin panel, you will be asked to set a new admin username and password.

You can also add your IPv6 address if your VPS host provided you with one.

Leave the rest of the settings to their defaults and click on Save. Changing port 443, for instance, may render Pritunl inaccessible.

pritunl_admin_settings


Organizations

The first thing to do after setting the admin user is to add an Organization in Users > Add Organization. An Organization is simply a name that you want for your group.

Group refers to the VPN servers that you will be creating later on. Pritunl allows you to create multiple TCP or UDP OpenVPN servers. You are only limited by how beefy your server is.

However, only 2 ports have been set for Underpass - 1 for TCP and 1 for UDP.

Before you can start a VPN server, you'll be required to attach an Organization to it.

pritunl_organization


Creating an OpenVPN Server

Add an OpenVPN server from Servers > Add Server. You'll then need to fill in the server settings. A tooltip will appear when you hover your mouse over an option.

pritunl_server_settings

Note:

Port: refers to the port that was defined in PRITUNL_TCP and PRITUNL_UDP from /opt/underpass/.env. It's 1194 by default for both TCP and UDP ports.

Please also note that Enable WireGuard is not supported by Underpass.


Adding Users and Downloading the OVPN Profile

You can create users from the Users page. The only fields required to create a user are the Name and Organization. The Pin and Email are optional.

pritunl_add_users

After creating a user, you'll be able to download that user's ovpn profile.

The profile is contained in a tar archive, so make sure that you have a tool to extract the ovpn file from a tar file (7-zip, WinRAR, etc.).

pritunl_profile_download


Changing OpenVPN Ports

By default, the OpenVPN servers listen on port 1194 for both TCP and UDP. You can change them to your desired port numbers by editing /opt/underpass/.env:

PRITUNL_TCP=1194
PRITUNL_UDP=1194

Recreate the pritunl container afterwards:

cd /opt/underpass
docker-compose up -d --force-recreate pritunl

Changing Ports from the Pritunl Web Panel

If you changed the PRITUNL_TCP and PRITUNL_UDP port numbers, you'll need to change the ports from your Pritunl Servers panel as well.

In order to do that, click on the Stop Server button and access the server settings by clicking on the VPN server's name.

pritunl_server_edit

You can then change the port from the Server Settings window. Start the server again after clicking on the Save button.

pritunl_server_settings


Port Changes and User Profiles

Changing ports also means that your old ovpn files won't work anymore. You'll have to download your new VPN profile from the Users panel.

pritunl_profile_download


OpenVPN and the Squid Configuration

Squid lets clients reach the OpenVPN TCP port through it when the ovpn config uses the http-proxy and http-proxy-user-pass directives.

If you changed the port number in PRITUNL_TCP from /opt/underpass/.env, then you will also need to change the OpenVPN port number in squid.conf.

In order to do that, issue the command below from your SSH terminal:

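sed -i 's|1194|YOUR_OPENVPN_TCP_PORT|' /opt/underpass/config/squid/squid.conf

Where YOUR_OPENVPN_TCP_PORT is the new port number that you assigned to PRITUNL_TCP (the OpenVPN TCP port, not your SSH port). The command rewrites the first occurrence of 1194 on each line of squid.conf, so it only works while the file still contains the default port.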

Once done, recreate the squid container:

cd /opt/underpass
docker-compose up -d --force-recreate squid
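
After a port change the TCP port lives in three places: PRITUNL_TCP in .env, squid.conf, and every downloaded ovpn profile. The script below is an added example, not part of Underpass or Pritunl, that reports when they disagree. The function names, the squid.conf rule format, the host vpn.example.test and port 8443 are constructed assumptions.

```shell
#!/bin/sh
# Added example: compare the OpenVPN TCP port across .env, squid.conf and profiles.

# Print KEY's value from a KEY=value file (last assignment wins).
env_value() {  # env_value KEY FILE
    sed -n "s/^$1=//p" "$2" | tail -n 1 | tr -d '\r"'
}

# True if PORT appears as a whole number on a non-comment line of squid.conf.
# Assumption: the port is a bare number there, as the page's sed command implies.
squid_has_port() {  # squid_has_port PORT FILE
    grep -v '^[[:space:]]*#' "$2" | grep -Eq "(^|[^0-9])$1([^0-9]|\$)"
}

# Print the port of every TCP `remote` in a profile; a remote line without a
# protocol field inherits the profile's `proto` directive.
ovpn_tcp_ports() {  # ovpn_tcp_ports FILE
    awk '$1 == "proto"  { def = $2 }
         $1 == "remote" { n++; port[n] = $3; proto[n] = $4 }
         END { for (i = 1; i <= n; i++) {
                   p = (proto[i] != "") ? proto[i] : def
                   if (p ~ /^tcp/) print port[i] } }' "$1"
}

# Return 0 when everything agrees with PRITUNL_TCP, 1 on drift, 2 on a bad .env.
check_tcp_port() {  # check_tcp_port ENV_FILE SQUID_CONF [PROFILE...]
    env_file=$1; squid_conf=$2; shift 2
    port=$(env_value PRITUNL_TCP "$env_file")
    case $port in ''|*[!0-9]*) echo "PRITUNL_TCP missing or not numeric" >&2; return 2 ;; esac
    rc=0
    squid_has_port "$port" "$squid_conf" || { echo "$squid_conf: no rule for port $port"; rc=1; }
    for profile in "$@"; do
        for p in $(ovpn_tcp_ports "$profile"); do
            [ "$p" = "$port" ] || { echo "$profile: remote uses $p, expected $port"; rc=1; }
        done
    done
    return $rc
}

# Constructed sample: port moved to 8443, squid.conf updated, profile not re-downloaded.
write_sample() {  # write_sample DIR
    printf 'PRITUNL_TCP=8443\nPRITUNL_UDP=1194\n' > "$1/.env"
    printf '# was 1194\nacl SSL_ports port 8443\n' > "$1/squid.conf"
    printf 'client\nremote vpn.example.test 1194 tcp-client\n' > "$1/user.ovpn"
}

demo=$(mktemp -d) && write_sample "$demo"
check_tcp_port "$demo/.env" "$demo/squid.conf" "$demo/user.ovpn" || echo "drift detected"
rm -rf "$demo"
```

Against a real install, call check_tcp_port with /opt/underpass/.env, /opt/underpass/config/squid/squid.conf and the extracted ovpn files as arguments.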

VPN Clients

You can use OpenVPN or the Pritunl client to connect to the Pritunl VPN Server. There is no Pritunl client on mobile, but the OpenVPN client is 100% compatible.

Download the Pritunl client: https://client.pritunl.com/#install