Setting up your own VPN server (totally for noob)

As concerns of network security raise with Hong Kong Gov pushing Annex3, the needs of using VPN raise as well. Instead of using the provider in the market, why don’t we just build our own VPN server.

Building our own VPN server have following advantages:

• Total control of your privacy
• Key strength is 2048 bit
• On demand, you could destroy/shutdown it whenever you like

Cost is around $150 HKD per-month (but having credit for first year)

This story will take your hand and setting up a VPN server on Google Cloud Platform step by step.

Step 1. Create a GCP account

You can also claim the $300 USD for free trial with the following link:
https://console.cloud.google.com/freetrial/signup/
* $300 USD credit would be expire after 12 months

This is a banner after activate the credit (in HKD)

Step 2. Create your project

2.1 Click Select a project at top, then click New Project

2.2 Enter the project name and create

Step 3. Create an instance

3.1 Search for Compute Engine at top
(It would take few mins to initialize the Compute Engine for the first time)

3.2 Click Create , and here are the considerations when you create your server

Region: Location closer would be faster, I would choose Taiwan for this one?
Machine Type: VPN consume CPU most, but not heavy, g1-small would be fine for few connections
Boot Disk: Default using Debian 10 is good enough
Networking: add a tag vpn and create a static IP

Tips: Click this to expand the network settings

Tips: Click this to setup the Public IP

Remember to create the IP here

Step 4. Create Firewall rule

4.1 Search for Firewall rules

4.2 Add a firewall rule with followings:

Name: vpnserver
Target tags: vpn
Source IP range: 0.0.0.0/0
Specified protocols and ports: udp 1194

This is how it look like in UI

Step 5. Set up the VPN server

5.1 SSH into the machine
(Back to Computer Engine , click the SSH button next to the instance created)

5.2 Run the following command (would take ~5mins)

curl -s -L https://raw.githubusercontent.com/DesmondH0/gcp-vpnserver-setup/master/deploy-vpn.sh | sudo bash

(You can re-run it if you need to re-create the OVPN server)

You should see the ovpn file generated with path

5.3 Download the ovpn file

(You can find the download function in the top right corner menu)

This file is the key for using your server, please keep it private

Step 6. Setup the ovpn on your device

(I would use my iPhone as the example, the ovpn file should work on all ovpn client)

6.1 Install OVPN client on your phone, i am using the client below

‎OpenVPN Connect

6.2 Sent the OVPN file to your phone, and import it to OpenVPN

(I am sending it via my email)

6.3 Enable VPN, and you should see connected

6.4 Verify your network

you can visit www.whatismyip.com and you should see your public IP is the same as the one as your vpn server