Installing Pritunl on CentOS 7

Updated on August 14, 2017
Installing Pritunl on CentOS 7 header image

Pritunl is an open source management interface for OpenVPN. It allows for private networks, has native IPv6 support, and is relatively simple to use.

That said, it also receives regular updates, and allows for full customization. In addition to the features above, custom routes are supported, and key size can be selected for increased performance.


In order to install Pritunl, you'll need:

  • A CentOS 7 system (both 32 and 64 bit systems are supported).
  • Root access (determine whether you are root by executing the following command: whoami).
  • A minimum of 512 MB of RAM, or the lowest plan.
  • MongoDB.
  • Either nano or vim (text editor).
  • SELinux disabled.


Installing dependencies

In order to install Pritunl, we'll need to add the necessary repositories to yum. Yum is essentially the package manager for CentOS and RHEL systems. It is similar to apt-get, so don't worry if this is your first time.

We'll be using nano for this tutorial, but you may use vim, if you prefer.

The first thing we'll be doing is adding the MongoDB repository:

nano /etc/yum.repos.d/mongodb-org-3.4.repo

Once you've entered the file, it should be blank. Paste the following in:

name=MongoDB Repository

Exit and save by pressing CTRL and O simultaneously. Once you do, simply press the "enter" key.

Now that we've added the repository for MongoDB (database software for Pritunl), we need to add the Pritunl repository.

nano /etc/yum.repos.d/pritunl.repo

When the file loads in your text editor, paste the following:

name=Pritunl Repository

Exit and save.

Continuing on, we need to install epel-release:

yum -y install epel-release

We now have all of the dependencies required. We'll need to disable SELinux before continuing:

nano /etc/selinux/config

It should say the following once opened:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing . 
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected, 
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.

Change the SELINUX=enforcing line to SELINUX=disabled.

Reboot your server, and log back in.

Installing Pritunl

We've added all of the necessary packages and changed the necessary settings to install Pritunl.

Before we install, we need to add some keys (necessary for the repositories to function):

gpg --keyserver hkp:// --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A
gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > temp.tmp; sudo rpm --import temp.tmp

We can now delete the temporary key:

rm -f temp.tmp

Now, we'll run yum to install Pritunl:

yum -y install pritunl mongodb-org

Once yum finishes, we'll make it so Pritunl and MongoDB run on startup:

systemctl start mongod pritunl
systemctl enable mongod pritunl

Pritunl is now installed.


After installing Pritunl, run the following:

pritunl setup-key

Make note of the key that comes from running the command above.

Now, visit your server:


You should see the following:

Paste the key that you were given from pritunl setup-key.

Once you hit the "Save" button, you will be prompted to set credentials. You will then be redirected to the login page:

Sign in with your credentials. Proceed to the next section on adding users, and creating your first VPN server.

Adding Users

If you wish to allow other users (whether it be a friend, or colleague), click the "Users" link on the navigation bar:

You should have created an organization already, and creating a user is simple. Click "Add User", and you will be prompted with the following:

Creating the VPN server

As mentioned previously, Pritunl simply manages OpenVPN.

Head to the "Servers" tab in the navigation bar and click "Add Server." You will be prompted with the following:

Fill in the fields with the appropriate information. You may choose the protocol (UDP is better for speed, and shorter distances), local IP range, and other options available through the "Advanced" tab.

Once you hit "Add," the dialog will close. After it does, click "Attach Organization".

Select the organization we created in the previous section, and the VPN server created in this section.

Hit "Attach."

Connecting to your VPN server

As Pritunl uses OpenVPN, connecting should be a breeze. You can choose to install the Pritunl client, or the standalone OpenVPN client.

Note: Installing a client is necessary in order to connect.

Before installing the client, proceed back to the "Users" tab in the management interface. You should see icons next to the user you created:

A tar.gz file will begin to download. Upon extraction, you'll receive the profile required to connect. Save the file in a safe place.

You can download the Pritunl client from the official site. The client supports all OpenVPN servers.

Enhancing Security

For enhanced security, enable two-factor authentication with Pritunl! Two factor authentication is available with Pritunl. It adds the functionality to OpenVPN. You can use Authy, or any supported app to generate the code that you can use to connect.


Congratulations! You've installed and configured your own VPN server.

If you need to uninstall, the process is simple. Run: yum remove -y pritunl mongodb-org