Feel free to comment ask for any doubts.So, Let’s get started. In this tutorial I will walk you through how to install OpenVPN Access Server on an Azure Ubuntu Virtual Machine. Well OpenVPN is an open source software which allows us to create VPN connections.
You might be thinking what is the advantage of this all over head, well let me tell you, your ISP is monitoring your activity, what websites you visit all your internet history and which is a privacy invasion. There are public Free and Paid VPN but how can you trust them if your data is being monitored or not ?
well now you might be wondering why a VM on Azure cloud or even AWS ? first you dont need to even think about all hardware and maintenance it comes with and another is you pay as you go. So, no over head on pricing as well.
OpenVPN only allows Two concurrent connections, you can check pricing to get more connections.
Before we start we need two things:
- first thing is an Azure subscription, if you do not have you can sign up here. I am using Azure Dev Essential Subscription and you can sign up here for free credit of 25$ per month for 1 year.
- we need to SSH in Azure Ubuntu VM, you can use Putty or Linux Bash. I will be using Putty here is the link to download.
CREATING AN UBUNTU 16.04 VM ON AZURE
- Open the azure portal using this link.
- Click New, then Compute, and then choose Ubuntu Server 16.04 LTS
- Choose a deployment model i.e. Azure Resource Manager and hit Create.
- Choose a name for your server, admin Username and a strong Password, set a resource group name (it helps managing all resources at one place) and select VM Disk Type as HDD because we will be using a basic level VM and it does not come with SSD and then select location which is nearest data center from your location (i have selected Southeast Asia). Once done hit OK.
- Now, choose the VM size and price will depend on it. I have selected the lowest i could found and that is Basic A0 (it cost about 13.39 $/month). The price does not include the storage (pay as you go) and the ingress traffic cost as well. Click here Learn more about how VM instances get billed. and click Select.
- Now, on Settings select Public IP Address and Click Create New and give it a Name i’ll name it “hackdecodeOpenVPN-ip” and make it as a Static IP (well we need a static IP address, for the sake of OpenVPN we need to configure VM IP with OpenVPN, so if IP get changed at each and every reboot then we’ll have to change it again in the config of OpenVPN). So, click Ok.
- Finally review all settings and read & accept Terms and click Purchase.after 5 mins (Maximum) your VM will be created check dashboard.
- Once the VM is created we will have to create Inbound rules: By default, only TCP on Port 22 (for SSH) is open. To allow connection and management of the server we will have to allow: TCP on ports 443 and 943, UDP on port 1194. This will be done in Network Security Group Level.
- Click on the VM you have created from the dashboard, then click on the Resource Group Name, here you will be able to find Network Security Group (one with shield icon) Open it, and here you will be able to find Settings, Now click Inbound security rules.
- Once Opened, you will be able to find Settings, Now click Inbound Security Rules. You will have to create three different rules, first one is by adding TCP on Port 443; Click Add, then give it an appropriate Name for the rule, choose Protocol i.e. TCP, and set the Port Range to 443 and Set Action as Allow and at last Hit Ok.Repeat the Same for TCP on 943 and UDP on 1194.
SETTING UP AN OPENVPN SERVER
The Azure VM is ready ! Now, we can configure and install openvpn on this ubuntu VM. Don’t worry it is pretty simple.
- Open the Portal and open the VM and take a note of the public IP address of VM.
- Now, SSH into this VM using Putty, Paste the public IP address and click Open.
- Log into the VM using the UserName and Password set while creating the VM.
- Update VM using this command:
Update VMShell1sudo apt-get update
- Upgrade VM Packages using this command:
Upgrade VM1sudo apt-get upgrade
- Download the OpenVPN package for Ubuntu 16 amd/x86 64-bit using this command:
get openvpn package1sudo wget http://swupdate.openvpn.org/as/openvpn-as-2.1.9-Ubuntu16.amd_64.deb
please check for latest version of package from here.
- Now, Install the OpenVPN package using the below command:
install OpenVPN packageShell1sudo dpkg -i openvpn-as-2.1.9-Ubuntu16.amd_64.deb
Once install is complete, two URL’s are displayed: one for admin and another for client. But the IP displayed here are internal IP address of VM. You will have to in same virtual network than the VM to use it. To access the OpenVPN server we need to use the public IP address.
- The admin username for the OpenVPN is ‘openvpn’ (by default). Set a password for this admin with the command line:
change admin password for openvpn1sudo passwd openvpn
- Let’s create a user called ‘jawand’ and a password for this user with the following command line. we will be using non-admin user to connect with the OpenVPN and there is no need to provide additional details:
create non-admin userShell1sudo adduser jawand
- Now, Open your browser and access admin page using this URL: https://<yourVMpublicIP>:943/admin Ignore the certificate warning and login using admin creds of openvpn (default user) user.
- On admin portal, select Server Network Settings. Then, replace the internal IP address with the public IP address of VM. The VPN clients will use this IP to connect with the server. Then click Save Settings at the bottom and Update Running Server at the Top.
OPENVPN CLIENT CONFIGURATION
So, The server is all setup and now we need a client to configure. we can connect maximum two client to this OpenVPN server. Clients available are for Windows, Linux, Mac OS X, Android.
- To download the client to connect with windows open your Public IP address in the browser https://<publicIPaddress> Logon using non-admin username and password we created and Hit Go.
- Once installation file is installed, launch the client and connect to OpenVPN server using non-admin username and password.
well you are done, enjoy some privacy while you can have some ! Feel free to comment and ask for any doubts.
EVERYONE HAS THERE REASONS FOR THE THINGS THEY DO ! AND HERE IS MINE:
Well, this all started in January 2017, I wanted to play Battlefield 3 and i was not playing it on EA servers. I was playing on some third party servers known by the name of Zlogames. So, for some reasons my IP address was blacklisted and i was not able to Join their servers to play game (BTW i checked it using fiddler, when i ran the ZLO Games client it sends the HTTP call to an IP blacklist check). So, this is the reason i wanted to use a VPN and for privacy reasons as well.