Setup OpenVPN Server on GCP

by March 15, 2021 · OpenVPN

As in most cases, the free or paid VPNs are known for unwanted ads, traffic restrictions, fraud, and information theft, so to deal with it, we can set up our own VPN server by hosting it on the GCP (Google Cloud Platform). Personal VPN Server has proven to be cost-effective, and additionally, it has the following benefits.

  • Unlimited Bandwidth.
  • Minimal Chances of information theft or fraud.
  • No traffic logs.
  • No traffic filtering.
  • watch 4k videos.
  • Netflix with Country Switching.
  • Best Torrenting Speed.
Configuration Summary

We will set up our VPN Server in three steps as follows:

  1. We will set up a Google Cloud Hosting and configure it. 
  2. We will download and install the OpenVPN Access Server on cloud hosting.
  3. Lastly,  we will configure the OpenVPN access server.
Having Problems? Here is more for further assistance.

Step-1

Setup and Configure free Google Cloud Hosting 

For demonstration purposes, I have used the Google Cloud Platform (GCP) because they offer free cloud hosting. If you have another cloud hosting just move to Step-2.

Activate Trial account on GCP to make a your own vpn.

Assuming that you have google cloud hosting(GCP), then follow the instructions.

Create A VM On Cloud Hosting

let us create a VM (Virtual Machine) instance on the cloud hosting by selecting the Compute Engine tab on the left pane and then selecting the VM Instances link. For convenience, screenshots are added for each step so follow the instructions associated with the screenshots.

Press the create instance button(+)

After this you will see the instance specification page, here is the minimum specification with a screenshot added below:

  • Machine series and type are E2, E2_Micro.
  • 1 GB Ram.
  • 10 GB persistent Disk.
  • Operating system Ubuntu Server 18.04 LTS and 1 Static Public IP
  • Country USA

Selecting the right country has great and vital importance in setting up your VPN server because it implies to your bandwidth, latency, and Country ISP restrictions. So select your nearest or desired region and zone for your country.

GCP VM needed to create your own vpn

On the same page under “Boot disk” choose the operating system to be Ubuntu 18.04 LTS

On the same page see the firewall section now check Http and Https and then select the underneath Networking link.

Create a VM for OpenVPN Access Server on GCP

Edit the default under the Network Interfaces.

On the Network Interface page scroll down to External IP and select Create IP address, a window will popup, then enter the Name of your choice and then press the Reserve button. This will assign a static public IP to your VPN Server.!!!!!!!!! Do Not Choose Premium Tier only Choose Standard else it will incur monthly charges for the premium network!!!!!!!!

Setup Static Public IP for OpenVPN Access server on GCP to make your own vpn

Underneath External IP Section chooses Ip forwarding to be on ….else configuration will fail. After this, press the Create button and your Ubuntu VM instance will be created. Make sure your instance is running (default state).

Obtain SSH Access to VM

As shown in the screenshot, On the VM instances page select the SSH drop-down menu and choose Open in a browser window to gain SSH access to your VM.

obtain ssh access to gcp vm to create your own vpn
Having Problems? Here is more for further assistance.

Setup Port Forwarding for VM Instance

To connect over the internet from your laptop to your Server, we need to allow some UDP and TCP ports through our Cloud Firewall please look at the screenshot below and follow the instructions.

Create an Ubuntu VM Instance on GCP for OpenVPN access Server.

Click the 3 dot button and select “View network details” this will take you to the VPC Network page. Now on the left pane click the FIREWALL link and then click Create Firewall Rule as shown in the screenshot below.

Create Firewall Rule For for your own vpn on GCP.

After you click the Create Firewall Rule another window opens. Now insert the following entries in the following fields as shown in the screenshot below.

  • Type “Openvpn” in the Name field.
  • Select “all instances” in the Targets field.
  • Type “0.0.0.0/0” in the Source IP ranges.
  • In the Protocols and ports section, select Specified Protocols and ports then check UDP and type 1194 and then check TCP and type 443,943,945
  • After this click the Create Button. Your rule configuration should match this screenshot.
Firewall Settings for OpenVPN Access Server on GCP

That is it for Step-1.

Step-2

Download and Install OpenVPN Access Server on GCP

To set up the VPN server, you will need to install an open-source free OpenVPN Access Server, and to do this, we need to copy-paste some Linux commands, and let’s be sure to use the keyboard shortcut keys such as “ctrl c” for copy and “ctrl v” for paste but first, you need to have the root access.

The following Linux command will give you root access which is a must to install the software.

sudo su

Now copy-paste the following commands. These commands will install the OpenVPN Access Server, a self-signed certificate, and the GUI (Graphical User Interface).

apt update && apt -y install ca-certificates wget net-tools gnupg

wget -qO - https://as-repository.openvpn.net/as-repo-public.gpg | apt-key add -

echo "deb http://as-repository.openvpn.net/as/debian bionic main">/etc/apt/sources.list.d/openvpn-as-repo.list

apt update && apt -y install openvpn-as

If the installation goes smoothly you will see a similar screen like this in the screenshot.

Completing the Install for OpenVPN access Server on Ubuntu VM

 

Once you see this screen, the installation is complete, now reboot your VM.

Type reboot and press Enter.

reboot

That is it for Step 2.

Having Problems? Here is more for further assistance.

Step-3

Configure OpenVPN Access Server

Now that the OpenVPN Access Server is installed, it is time to configure its web interface, here are the step-by-step instructions. If you want to know more about OpenVPN security then read the following post, is OpenVPN is safe? and know more about its security.

1. Setting Up Admin Password

Now let’s create a password for the Administrator, by default “OpenVPN” is the username for Admin Account. For this take the root access on a Linux ubuntu machine and type as below.

#For root access

sudo su

#Set password for the Admin user

passwd openvpn

Once you enter this command it will ask for a new password. Enter the new password and save it somewhere safe.

Now reboot your server by typing as below.

reboot

2. Create a New User Account 

Once rebooted access your VPN Server.

https://your public ip address.

Enter your Admin Account Credentials.

Once correctly entered the  Server activation page will show up.

Activation Manager Page for Access Server GUI.

For more than 2 users you will be needing the activation key just insert the activation key or ignore it if you want to use it for up to 2 users.

And now let’s create a User Account, for this select the USER MANAGEMENT tab and then click User Permissions as shown below.

The figure shows creating a user with the username user1 make sure you check the Allow-Auto login CheckBox this will allow you to auto-download OpenVPN Connect Client with OVPN Client Profile for any Operating system i.e Windows/IOS/Linux/Android. After this click More Settings and set a user password in the password field. Now click the Save Settings button and then click the Update Running Server button

3. DNS Settings

You need to auto-assign DNS IP addresses to your VPN users, for this go to the CONFIGURATION tab and then click VpnSettings scroll down, and reach DNS Settings select YES for Have clients use specific DNS servers, and then add the following DNS Server IP addresses as shown in the screenshot.

Dns Settings Page for Access Server.

Here you can use any DNS servers for your remote users. A good choice will also be OpenDNS servers for added safety, so choose as you like. After this Click Save Settings and then click Update Running Server Settings this will conclude DNS settings

4. Network Settings

For remote users to globally connect to our VPN server, you need a public/external IP Address. This Public IP Address was attached to your Ubuntu VM in the first part please refer to part I. Select NetworkSettings and Add your External IP at Hostname or IP Address as shown in the screenshot.

Setting Up Dns Server for Access Server

Save Settings and Update the Server and then Logout.

5. Downloading Client Software for Windows PC

Now it’s time to download the client for PC users, which is called OpenVPN Connect. Type as mentioned below.

Setting up Public IP in Access Server GUI

Press Enter and then do the following :

  • A Login Page will open, type in your previously created user name and password and press submit.
  • Now download the client for the desired platform and also download the Client Profile.
  • Once downloaded run the client and Open the Profile file then this will ask to Import it.
  • Import the user profile and add your username and password and finally click connect.
OpenVPN Client Download Page


Once Connected type in the internet browser window.Verify Internet Reachability For Your  VPN by typing:

https://Server_External_IP

Download the  OpenVPN client and type in the username and password for the previously created user and then connect.

Once connected ping google DNS at 8.8.8.8 and then type on the browser window what is my IP the site should be showing your Server’s External IP.

Congratulations! If you have read the post this far then you will surely be able to make your own VPN Server. Having Problems? Here is more for further assistance.

You may also like...

Author: Ali Rehan (nprog)

Tekgru Author Picture; Syed Ali Rehan Tirmzy

For Post-related Questions, Help & Support, Project Discussion and for any other Query, Please join me at:

 ……………….. …………………….

WApp:+923227910074

Email:ali.rehan@tekgru.com