Heartbleed – Fix your OpenVPN Access Servers NOW!

Heartbleed was a major vulnerability in the SSL protocol used by many many sites and services. Folks have been scrambling to patch it up quickly since it was announced a few days prior.

If you are in the process of doing just that for yourself or your organization, you might be so busy fixing websites and webservers that you forget about other services that also make use of the OpenSSL protocol.

One such service, OpenVPN. Particularly “Access Server” as it has a client-facing Web front-end. Luckily, there is already a new version of access server released and updating your existing servers is quite simple on most Linux distributions.

You can read specifically about OpenVPN Access Server and Heartbleed here:
http://docs.openvpn.net/heartbleed-vulnerability-on-access-server-1-8-1-2-0-5/

This short guide focuses specifically on updating OpenVPN Access server running on Ubuntu 13 64-bit.

The process for fixing your Ubuntu server is quite straightforward, log-in, elevate your privileges to root, download the latest .deb package, and finally install the package. Here is a guide for Ubuntu 13 64-bit. If you are on another OS, please read more down below.

Ubuntu 13 64-bit

All done! The package manager will note that you already have access server installed and it will do an in-place upgrade and auto-restart the service. It is quite painless.

If you are running a different base operating system you can find download links for a package for your system here:
https://openvpn.net/index.php/access-server/download-openvpn-as-sw.html

The process should be more or less the same on most other operating systems. What will vary is the name of the package you are downloading via wget and the command to install said package as different Linux distributions use different package managers. The above “dpkg -i” command should apply to most Debian based OS’s (Ubuntu and Debian being the primary ones).

Cheers to you for securing your network!