@cocolacre
Forked from neuni/openvpn_on_google_cloud.md
Created April 16, 2018 14:03

Install openVPN server on Google Cloud using Pritunl

Purpose:

Create an openVPN server on Google Cloud Platform to connect to your Google Cloud network using openVPN and/or to route your internet traffic through the VPN (Road Warrior Scenario)

Create instance

  • Create new instance in default network
  • Choose Ubuntu 16.04 LTS
  • Check "Allow HTTP traffic" and "Allow HTTPS traffic"
  • Add the tag "vpn-server"
  • Enable IP forwarding
  • Add static external IP

Create DNS record

  • Create a DNS record for the new static IP

Instance setup

  • Connect to your instance using SSH and run the following commands as root
  • echo 'deb http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 multiverse' > /etc/apt/sources.list.d/mongodb-org-3.2.list
  • echo 'deb http://repo.pritunl.com/stable/apt xenial main' > /etc/apt/sources.list.d/pritunl.list
  • printf '[Unit]\nDescription=High-performance, schema-free document-oriented database\nAfter=network.target\n\n[Service]\nUser=mongodb\nExecStart=/usr/bin/mongod --config /etc/mongod.conf\n\n[Install]\nWantedBy=multi-user.target\n' > /lib/systemd/system/mongod.service
  • apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 42F3E95A2C4F08279C4960ADD68FA50FEA312927
  • apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A
  • apt-get update
  • apt-get install pritunl mongodb-org
  • systemctl start pritunl mongod
  • systemctl enable pritunl mongod
  • Create a setup key: pritunl setup-key
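
Added example, not part of the original gist: whether `\n` inside the quoted unit text becomes a real newline depends on the shell's `echo`, so it is worth linting `/lib/systemd/system/mongod.service` before `systemctl start`. `check_unit` is a hypothetical helper name, and the two sample files are constructed from the unit text in the step above.

```shell
#!/bin/sh
# Added example (not from the gist): lint a unit file before `systemctl start`.
# Returns 0 if sane, 1 on a finding, 2 if the file cannot be read.
check_unit() {
    f=$1
    [ -r "$f" ] || { printf '%s\n' "cannot read $f"; return 2; }
    # A literal backslash-n means the escapes were never expanded on write.
    if grep -q '\\n' "$f"; then
        printf '%s\n' "$f: literal backslash-n sequences, file is one line"
        return 1
    fi
    awk '
        /^\[[A-Za-z]+\]$/ { sec = $0; next }      # section header
        /^[A-Za-z]+=/ {                           # Key=Value inside a section
            eq = index($0, "=")
            val[sec "/" substr($0, 1, eq - 1)] = substr($0, eq + 1)
        }
        END {
            if (val["[Service]/ExecStart"] == "") { print "no ExecStart in [Service]"; bad = 1 }
            u = val["[Service]/User"]             # no User= means systemd runs it as root
            if (u == "" || u == "root") { print "service would run as root"; bad = 1 }
            if (val["[Install]/WantedBy"] == "") { print "no WantedBy in [Install]"; bad = 1 }
            exit bad + 0
        }
    ' "$f"
}

# Constructed demo: the same unit text written with and without escape expansion.
UNIT='[Unit]\nDescription=High-performance, schema-free document-oriented database\nAfter=network.target\n\n[Service]\nUser=mongodb\nExecStart=/usr/bin/mongod --config /etc/mongod.conf\n\n[Install]\nWantedBy=multi-user.target'
tmp=$(mktemp -d)
printf '%b\n' "$UNIT" > "$tmp/good.service"   # escapes expanded into newlines
printf '%s\n' "$UNIT" > "$tmp/bad.service"    # escapes left literal, as bash's echo does
check_unit "$tmp/good.service" && printf '%s\n' "good.service: ok"
check_unit "$tmp/bad.service" || printf '%s\n' "bad.service: rejected"
rm -rf "$tmp"
```

On the instance, call `check_unit /lib/systemd/system/mongod.service` after writing the file.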

Setup

  • Connect to https://YOUR_DOMAIN
  • Enter the setup-key
  • Update username and password
  • Check "Public Address"
  • Add YOUR_DOMAIN to "LetsEncrypt Domain"
  • Save

Configuration

Users

  • Open Users-Tab and add a new organization
  • Add a user to the new organization

Server

  • Open Servers-Tab and select "Add server"
  • Choose a name for the new server and a Port (you can use the default port)
  • Optional: Click on advanced and disable "Restrict routing" if you do not want to route all client-traffic through the VPN
  • Select "Attach Organization" to add the server to your organization
  • Optional: Add a route to your Google Cloud network(s)
  • Optional: Remove the default route "0.0.0.0/0" if you do not want to route all client-traffic through the VPN
  • Select "Start Server"

Download config

  • Download the openvpn-config using the download-icon next to the user on the Users-Tab

Sources:
