VPNs are amazing creatures: they can get past those pesky
anti-porn firewalls at work or uni; give you access to Eastenders while you're travelling; or even unlock access to the hallowed ground of American Netflix if you're into that. Problem is, setting one up isn't the most user-friendly process around.
In this case, we're going to set up our VPN on a Virtual Private Server (VPS). This is a virtual machine hosted by an hosting company -- it behaves exactly like a server, but is much cheaper and simpler to set up, since there's no dedicated hardware. Instead, you specify the amount of resources you'd like -- RAM, CPU and storage space -- and you get a machine with that amount of stuff to power it.
I'm using a VPS from a UK-based hosting company, called UK2, since they're:
- cheap (around £8/month for their basic VPS, which is more than enough for our needs).
- offer unlimited-bandwidth VPNs, which is useful when all you're doing is running internet traffic through it.
- really quite cheap.
That said, you can use any VPS provider, either in the UK if you want to be able to use services like iPlayer, or in the US if you want to leech off American Netflix or Hulu. Or, if you don't want to pony up the cash for a server (and all you're looking for is a machine to connect to when you're on a public network or overseas), you can set up a dedicated Linux box at home; it doesn't matter, it'll serve the same purpose.
Once you've opened an account with your hosting company of choice, you'll need to configure your VPS. With UK2, this is pretty easy -- choose a name and hostname for your VPS, select the operating system (I'm using Ubuntu 10.04, since it serves my purposes and I'm relatively familiar with it), choose the resources you want dedicated to your VPS (I'm using a paltry 1Ghz CPU, 0.25GB of RAM and 50GB of hard drive space, which is more than enough to run a VPN), and hit go.
While the VPS is being set up -- which can take anything from five minutes to a couple of hours, depending on the hosting company -- download PuTTY, a free SSH client. This provides the means by which we're going to control the server, initially at least.
Once PuTTY is installed and your server is set up, find the IP address of your new server (it'll be listed somewhere on your hosting company's dashboard). Fire up PuTTY, enter in the IP address of the server, and leave the port as 22. You'll get a console window, which will ask for your login (which is root), and your password (the default root password should be supplied by your hosting company).
Once the login is successful, you'll have a command line that lets you install the server software. We're going to be installing the OpenVPN Access Server here, since it provides the simplest way to do the whole setup. Access Server is designed with corporate clients in mind; however, you can have up to two clients from the server without having to pay for a license. After that, licenses cost about £3.00 per client.
First thing we need to do is download and install the OpenVPN software package. Find the URL of the software package you want to download from this page, and then enter this into the command line:
wget [URL of software package here]
so for Ubuntu, it'll look like: wget http://swupdate.openvpn.org/as/openvpn-as-1.8.4-Ubuntu10.amd_64.deb
Once that's done, you need to unpack and install that software package:
dpkg -i [software package]
So for example, it'll look like: dpkg -i openvpn-as-1.8.4-Ubuntu10.amd_64.rpm
The OpenVPN package should now install -- you can sit back and let it do its thing.
Before you can log into the admin interface for your newly-created OpenVPN server, you need to set the password for the default admin account (called openvpn, funnily enough). Type the following:
You'll be prompted to set a password. Pro tip: don't set it as 'password'.
Now, you can log into the admin page for your server (woo!). Go to https://ipaddressofyourserver:943/admin (so for example, https://18.104.22.168:943/admin). You should see the Admin login prompt; you can use the 'openvpn' and the password you set earlier to log in.
This is the admin page; from here, you can change settings like the default hostname or IP address, what ports you access on, etc. If all you want is a basic connection, you can leave all the settings as default. More details on configuring the server can be found here.
If all you're after is a basic OpenVPN connection over a non-blocked network, head to https://youripaddress, and login using your username and password. Download the Connect client when prompted, and you'll be walked through connecting to your VPN. If you're trying to connect through a firewall or proxy server, though this won't work.
If that's the case, download the OpenVPN GUI from here. While it's installing, go back to https://youripaddress, and log in, but this time select 'client' rather than 'connect' from the drop-down menu. This will download a config file in the .ovpn format. Add this into the Program Files\OpenVPN\config folder, naming it something memorable.
There are a few settings you can tweak in the config file if you're having problems:
- Change the 'dev' and 'dev-type' lines to tun
- If you're trying to connect through a proxy server (if it's required by your local network, for example), add this line to the config: "http-proxy [ipaddress] [port] authfile.txt basic", and then create a txt file in the config folder, with two lines: 'username [your username]' and 'password [your password]'.
One other common problem is with home routers -- check that the port-forwarding in your router's config page is set to forward the port the VPN uses (443, by default). There are dozens of other settings to tinker with which, sadly, will be particular to your personal needs, especially if you're trying to connect through an organisation's network. Thankfully, there's a lot of information out there on OpenVPN -- the documentation page and community are both worth a read-through if you're having trouble getting it to work. And as always, enjoy responsibly -- although your boss might appreciate the creativity and problem-solving skills fostered by making an OpenVPN server, watching porn in your office is still frowned upon.
Tweakmodo is Gizmodo’s new guide to getting the very best out of your electronics. Every week, we’ll be doing the magic to a different device. Got a bit of kit you want to see pimped up, or think we’ve missed a vital hack? Let us know in the comments!
To get on-the-spot news, app tips and the full lowdown on Samsung’s latest mobile announcements check out Samsung’s Your Mobile Life over here.