Adfolks
Published in

Adfolks

Having light privacy with self-owned private VPN servers for FREE*

As we know, trusting the public networks might be hard at some point, we never knew who’s eavesdropping our packets and for what. I will be helping you to configure a simple OpenVPN server with decent bandwidth in the cloud.

  • * At the time when I was writing the article, Oracle Cloud was running a tier called “Alway Free” which allows us to span 2 instances for free.

Get an account from https://www.oracle.com/cloud/ and get it verified by giving your card details.

Choose a region which feels comfortable to be, like specific geo that you need to access service,

Span an ubuntu minimum config instance

upload or paste your pub-key and create the instance

Once the machine is created, goto

Virtual Cloud Networks (VCN) -> Security List -> Default Security List (Looks similar to AWS, more alike reverse hierarchy )

Create an ingress rule for OpenVPN port

The protocol should be TCP/UDP which you are planning to configure the OpenVPN, I prefer to use TCP since I am looking more into reliability rather than performance, make your choice.

Yeah, Half did… almost there.

SSH to your new instance (username will be ubuntu, grab the IP from the instance page)

The next part is clean-up the iptables rules (i prefer)

#run as rootiptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F

The hardest part for some may be the OpenVPN configuration/manageability, But I find something specially crafted against this problem from the Github community,
https://github.com/angristan/openvpn-install

This script will let you set up your secure VPN server in just a few seconds,

and by default OpenVPN-install script enables to have secure configurations from known “good” practices

curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
#run as root./openvpn-install.sh

for the first time, it will prompt you for the configurations

For the IP address param, either Instance public IP can be given or any DNS name if you have any,

select the default port (1194 which you opened in security groups)

either TCP/UDP (which you configured in security group)

Once it is done, the script drives you to create a client profile (password and password-less).

Profile file will be saved in ubuntu home directory, either cat the file-content or SCP to your host machine

Optional

If you wish to have some “control’s” over the VPN like restricting from accessing certain IP’s, you can have your own iptables forward policies which do, like

iptables -I FORWARD -s 10.8.0.1 -i tun0 -d 216.18.168.124/25 -o eth0 -j DROP

Client Installation

https://openvpn.net/client-connect-vpn-for-windows/,

play store
https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en

Import the profile. Done

You can create additional clients and distribute them to your “loved” one’s.

Official Adfolks LLC Publications.

Recommended from Medium

How to create an App Like Udemy: Online Tutor Marketplace

Kubernetes testing: from Minikube to Multi-tenant clusters

The importance of pseudo code

Top 5 Visual Studio Code Extensions for Flutter

How to self study for cisco 200–301

Adding a wave system to our prototype

How to Optimize Cloud Cost in Multi-Cloud based Technologies

Stop Calling Project Dates Commitments

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tibin Lukose

Tibin Lukose

Cloud Native Engineering & Security Enthusiast

More from Medium

Offensive Security Proving Grounds Walk Through “Tre”

Deep Static Analysis of Mirai Botnet

SnD_AMSI — Search and Destroy AMSI Remotely — Attack and Detection

picoCTF: Wireshark twoo twooo two twoo…