Setup OpenVPN Server on GCP
As in most cases, the free or paid VPNs are known for unwanted ads, traffic restrictions, fraud, and information theft, so to deal with it, we can set up our own VPN server by hosting it on the GCP (Google Cloud Platform). Personal VPN Server has proven to be cost-effective, and additionally, it has the following benefits.
- Unlimited Bandwidth.
- Minimal Chances of information theft or fraud.
- No traffic logs.
- No traffic filtering.
- watch 4k videos.
- Netflix with Country Switching.
- Best Torrenting Speed.
Configuration Summary
We will set up our VPN Server in three steps as follows:
- We will set up a Google Cloud Hosting and configure it.
- We will download and install the OpenVPN Access Server on cloud hosting.
- Lastly, we will configure the OpenVPN access server.
Having Problems? Here is more for further assistance.
Step-1
Setup and Configure free Google Cloud Hosting
For demonstration purposes, I have used the Google Cloud Platform (GCP) because they offer free cloud hosting. If you have another cloud hosting just move to Step-2.
Assuming that you have google cloud hosting(GCP), then follow the instructions.
Create A VM On Cloud Hosting
let us create a VM (Virtual Machine) instance on the cloud hosting by selecting the Compute Engine tab on the left pane and then selecting the VM Instances link. For convenience, screenshots are added for each step so follow the instructions associated with the screenshots.
Press the create instance button(+)
After this you will see the instance specification page, here is the minimum specification with a screenshot added below:
- Machine series and type are E2, E2_Micro.
- 1 GB Ram.
- 10 GB persistent Disk.
- Operating system Ubuntu Server 18.04 LTS and 1 Static Public IP
- Country USA
Selecting the right country has great and vital importance in setting up your VPN server because it implies to your bandwidth, latency, and Country ISP restrictions. So select your nearest or desired region and zone for your country.
On the same page under “Boot disk” choose the operating system to be Ubuntu 18.04 LTS
On the same page see the firewall section now check Http and Https and then select the underneath Networking link.
Edit the default under the Network Interfaces.
On the Network Interface page scroll down to External IP and select Create IP address, a window will popup, then enter the Name of your choice and then press the Reserve button. This will assign a static public IP to your VPN Server.!!!!!!!!! Do Not Choose Premium Tier only Choose Standard else it will incur monthly charges for the premium network!!!!!!!!
Underneath External IP Section chooses Ip forwarding to be on ….else configuration will fail. After this, press the Create button and your Ubuntu VM instance will be created. Make sure your instance is running (default state).
Obtain SSH Access to VM
As shown in the screenshot, On the VM instances page select the SSH drop-down menu and choose Open in a browser window to gain SSH access to your VM.
Having Problems? Here is more for further assistance.
Setup Port Forwarding for VM Instance
To connect over the internet from your laptop to your Server, we need to allow some UDP and TCP ports through our Cloud Firewall please look at the screenshot below and follow the instructions.
Click the 3 dot button and select “View network details” this will take you to the VPC Network page. Now on the left pane click the FIREWALL link and then click Create Firewall Rule as shown in the screenshot below.
After you click the Create Firewall Rule another window opens. Now insert the following entries in the following fields as shown in the screenshot below.
- Type “Openvpn” in the Name field.
- Select “all instances” in the Targets field.
- Type “0.0.0.0/0” in the Source IP ranges.
- In the Protocols and ports section, select Specified Protocols and ports then check UDP and type 1194 and then check TCP and type 443,943,945
- After this click the Create Button. Your rule configuration should match this screenshot.
That is it for Step-1.
Step-2
Download and Install OpenVPN Access Server on GCP
To set up the VPN server, you will need to install an open-source free OpenVPN Access Server, and to do this, we need to copy-paste some Linux commands, and let’s be sure to use the keyboard shortcut keys such as “ctrl c” for copy and “ctrl v” for paste but first, you need to have the root access.
The following Linux command will give you root access which is a must to install the software.
sudo su
Now copy-paste the following commands. These commands will install the OpenVPN Access Server, a self-signed certificate, and the GUI (Graphical User Interface).
apt update && apt -y install ca-certificates wget net-tools gnupg
wget -qO -
https://as-repository.openvpn.net/as-repo-public.gpg
| apt-key add -
echo "deb
http://as-repository.openvpn.net/as/debian
bionic main">/etc/apt/sources.list.d/openvpn-as-repo.list
apt update && apt -y install openvpn-as
If the installation goes smoothly you will see a similar screen like this in the screenshot.
Once you see this screen, the installation is complete, now reboot your VM.
Type reboot and press Enter.
reboot
That is it for Step 2.
Having Problems? Here is more for further assistance.
Step-3
Configure OpenVPN Access Server
Now that the OpenVPN Access Server is installed, it is time to configure its web interface, here are the step-by-step instructions. If you want to know more about OpenVPN security then read the following post, is OpenVPN is safe? and know more about its security.
1. Setting Up Admin Password
Now let’s create a password for the Administrator, by default “OpenVPN” is the username for Admin Account. For this take the root access on a Linux ubuntu machine and type as below.
#For root access
sudo su
#Set password for the Admin user
passwd openvpn
Once you enter this command it will ask for a new password. Enter the new password and save it somewhere safe.
Now reboot your server by typing as below.
reboot
2. Create a New User Account
Once rebooted access your VPN Server.
https://your public ip address.
Enter your Admin Account Credentials.
Once correctly entered the Server activation page will show up.
For more than 2 users you will be needing the activation key just insert the activation key or ignore it if you want to use it for up to 2 users.
And now let’s create a User Account, for this select the USER MANAGEMENT tab and then click User Permissions as shown below.
The figure shows creating a user with the username user1 make sure you check the Allow-Auto login CheckBox this will allow you to auto-download OpenVPN Connect Client with OVPN Client Profile for any Operating system i.e Windows/IOS/Linux/Android. After this click More Settings and set a user password in the password field. Now click the Save Settings button and then click the Update Running Server button
3. DNS Settings
You need to auto-assign DNS IP addresses to your VPN users, for this go to the CONFIGURATION tab and then click VpnSettings scroll down, and reach DNS Settings select YES for Have clients use specific DNS servers, and then add the following DNS Server IP addresses as shown in the screenshot.
Here you can use any DNS servers for your remote users. A good choice will also be OpenDNS servers for added safety, so choose as you like. After this Click Save Settings and then click Update Running Server Settings this will conclude DNS settings.
4. Network Settings
For remote users to globally connect to our VPN server, you need a public/external IP Address. This Public IP Address was attached to your Ubuntu VM in the first part please refer to part I. Select NetworkSettings and Add your External IP at Hostname or IP Address as shown in the screenshot.
Save Settings and Update the Server and then Logout.
5. Downloading Client Software for Windows PC
Now it’s time to download the client for PC users, which is called OpenVPN Connect. Type as mentioned below.
Press Enter and then do the following :
- A Login Page will open, type in your previously created user name and password and press submit.
- Now download the client for the desired platform and also download the Client Profile.
- Once downloaded run the client and Open the Profile file then this will ask to Import it.
- Import the user profile and add your username and password and finally click connect.
Once Connected type in the internet browser window.Verify Internet Reachability For Your VPN by typing:
https://Server_External_IP
Download the OpenVPN client and type in the username and password for the previously created user and then connect.
Once connected ping google DNS at 8.8.8.8 and then type on the browser window what is my IP the site should be showing your Server’s External IP.
Congratulations! If you have read the post this far then you will surely be able to make your own VPN Server. Having Problems? Here is more for further assistance.