Your own VPN on 10 minutes

Picture by Mati Mango on Pexels

A VPN or Virtual Private Network is a service that allows you to connect to the internet through an encrypted tunnel in order to keep your privacy and security in check.

When you are using a VPN not only black hat hackers cannot sniff on your data, but your ISP (internet service provider) cannot either! It’s a great way to keep your sensitive data hidden from unwanted looks. Another pro of using a VPN is that your home/phone IP address is hidden and the only IP visible is your VPN's server one.

But, as Led Zeppelin sang once… “Not all that glitters is gold”. And neither are VPNs. Some of the drawbacks are the price, the speed decrease and it isn’t 100% safe, but that’s better than surfing the web naked and exposed. We have two options then, either register in an external VPN provider such as ExpressVPN, NordVPN, and so on. Or pull up our own VPS server with a VPN installed 🤓.

Setting a server

Our first step is setting up a server on Digital Ocean by creating a droplet with the following configuration:

  1. Image: Ubuntu 20.04 (LTS) x64
  2. Plan : Shared CPU, Basic
  3. Server: 6$/month one or 12$/month (depending on the use)
  4. Datacenter Region: The closest to our home
  5. Authentication: Prefered ssh keys, but password would be ok too
  6. One single droplet
  7. Tag: VPN
  8. Create Droplet!

Now we want to assign a floating IP. If you tap on the droplet, you’ll find the “Floating IP: Enable now” option underneath the header’s name, and we will proceed by assigning it to our droplet.

In a few minutes, the droplet will be up and we’ll be able to ssh into it by going to our terminal and running the following command, and entering the password afterward.

ssh root@<floating_ip>

Installing docker

For this, we will run this script that will update our server, install docker and docker-compose

#!/bin/bash# Updating server
apt-get update
# Installing dependencies
apt-get install -y curl vim

# Installing Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
# Installing Docker-compose
curl -L https://github.com/docker/compose/releases/download/1.25.4/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

Installing OpenVPN

Let’s create a directory to save all the files that we will use

mkdir myVpnServer && cd myVpnServer

Now let’s create a docker-compose file

touch docker-compose.yaml && vim docker-compose.yaml

We will paste then the OpenVPN docker container configuration from kylemanna:

version: '2'
services:
openvpn:
cap_add:
- NET_ADMIN
image: kylemanna/openvpn
container_name: openvpn
ports:
- "1194:1194/udp"
restart: always
volumes:
- ./openvpn-data/conf:/etc/openvpn

Let’s initialize the configuration files and certificates. It will ask you for a password that you’ll need to fill, and then several questions that we can skip with the enter button.

docker-compose run --rm openvpn ovpn_genconfig -u udp://<your-server-ip>
docker-compose run --rm openvpn ovpn_initpki

In case you aren’t running as root, you’ll have to change the file permissions to allow you to execute it.

sudo chown -R $(whoami): ./openvpn-data

Then, let’s run the container.

docker-compose up -d

But we are not done yet! We have to generate a client’s certificate:

export CLIENTNAME="your_client_name"# with a passphrase (recommended)
docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME

And now let’s retrieve the client configuration with embedded certificates and download it so we can add it to our OpenVPN desktop app.

docker-compose run --rm openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn

A “.ovpn” file will be created on the folder. Now we want to download it using scp. We will open another terminal and will copy this file from the server to our own computer:

scp root@<floatin_ip>:/root/myVpnServer/<ovpn_name>.ovpn ~/Desktop

We are almost done 🤓! Now we will open the OpenVPN app, import the file, and drop our downloaded “.opvn” file on the desktop to the app. When connecting you have the option of saving the password so it won’t ask you every time or to write it whenever you connect.

Write the password and wait for the connection

And there it is! Your own VPN server! Congratulations :)

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to setup your Git, Github account on another computer

Looking for some new destination? Try Luminar … — Stay on top of your photos

Lo4j2 Async Logger and Benchmark

How to Fix App Store Rejection Crash Reports

Download !PDF Excel Vba Programming For Dummies, 4e *Full Online

Managing Matlab Simulink/Stateflow models from Epsilon

The Phoenix Project — Now with More Kafka.

Launching Web Server in the container

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rodrigo Labrador

Rodrigo Labrador

More from Medium

How to broadcast your Windows VPN connection to other devices

Developing A Game Engine with Perl : Part 2 — Mouse Input

HowTo: Track RMF and FedRAMP system packages with inherited common controls from cloud providers

Installing Manjaro Linux on a Macbook Pro 12,1