@simply-be
Forked from neuni/openvpn_on_google_cloud.md
Last active July 26, 2019 19:22
Create an OpenVPN server on Google Cloud Platform to connect to your Google Cloud network using OpenVPN and/or to route your internet traffic through the VPN (Road Warrior Scenario) rev 2018-12-17

Install OpenVPN server on Google Cloud using Pritunl (rev. 2018-12-17)

Purpose:

Create an OpenVPN server on Google Cloud Platform to connect to your Google Cloud network using OpenVPN and/or to route your internet traffic through the VPN (Road Warrior Scenario).

Create instance

  • Create new instance in default network
  • Choose Ubuntu 18.04 LTS
  • Check "Allow HTTP traffic" and "Allow HTTPS traffic"
  • Add the tag "vpn-server"
  • Enable IP forwarding
  • Add static external IP
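
The console steps above expressed as gcloud commands, as an added example that is not part of the original gist; the function only prints the commands so they can be reviewed before running. The resource names, the ubuntu-os-cloud image project and family, the protocol/port arguments (the port is chosen later under "Server") and the optional admin CIDR are assumptions, as is the last rule: the page adds the "vpn-server" tag but shows no firewall rule for it.

```shell
#!/bin/sh
# Added example: prints (does not run) gcloud commands for the console steps above.
# Assumptions, not from the page: resource names derived from NAME, the
# ubuntu-os-cloud image project/family, and the VPN protocol/port arguments.

vpn_plan() {
    name=$1; region=$2; zone=$3; proto=$4; port=$5
    admin_cidr=${6:-0.0.0.0/0}   # who may reach the web console on 443

    # Validate everything that ends up inside a firewall rule or resource name.
    case $name in
        ''|*[!a-z0-9-]*|-*) echo "bad instance name" >&2; return 1 ;;
    esac
    case $proto in
        udp|tcp) ;;
        *) echo "proto must be udp or tcp" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*|??????*) echo "port must be 1-65535" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port must be 1-65535" >&2; return 1
    fi
    case $admin_cidr in
        ''|*[!0-9./]*) echo "bad admin CIDR" >&2; return 1 ;;
    esac

    # Static external IP, then the instance: Ubuntu 18.04, IP forwarding on,
    # the page's "vpn-server" tag plus the tags the two console checkboxes set.
    echo "gcloud compute addresses create $name-ip --region=$region"
    echo "gcloud compute instances create $name --zone=$zone" \
         "--image-family=ubuntu-1804-lts --image-project=ubuntu-os-cloud" \
         "--can-ip-forward --address=$name-ip" \
         "--tags=vpn-server,http-server,https-server"

    # The checkboxes also create these rules in the console; the CLI does not.
    echo "gcloud compute firewall-rules create $name-http --network=default" \
         "--allow=tcp:80 --target-tags=http-server"
    echo "gcloud compute firewall-rules create $name-https --network=default" \
         "--allow=tcp:443 --target-tags=https-server --source-ranges=$admin_cidr"

    # Only the single VPN port is opened, and only to instances tagged vpn-server.
    echo "gcloud compute firewall-rules create $name-vpn --network=default" \
         "--allow=$proto:$port --target-tags=vpn-server"
}
```

Passing a sixth argument such as your office or home CIDR limits who can reach the Pritunl web console on port 443; without it the rule matches the console checkbox and allows any source.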

Create DNS record

  • Create a DNS record for the new static IP

Instance setup

  • Connect to your instance using SSH and switch to a root shell (sudo -i); the commands below write to system paths and need root
  • echo 'deb http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse' > /etc/apt/sources.list.d/mongodb-org-4.0.list
  • echo 'deb http://repo.pritunl.com/stable/apt bionic main' > /etc/apt/sources.list.d/pritunl.list
  • printf '[Unit]\nDescription=High-performance, schema-free document-oriented database\nAfter=network.target\n\n[Service]\nUser=mongodb\nExecStart=/usr/bin/mongod --config /etc/mongod.conf\n\n[Install]\nWantedBy=multi-user.target\n' > /lib/systemd/system/mongod.service
  • apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 9DA31620334BD75D9DCB49F368818C72E52529D4
  • apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A
  • apt-get update
  • apt-get install pritunl mongodb-org
  • systemctl start pritunl mongod
  • systemctl enable pritunl mongod
  • Create a setup key: pritunl setup-key

Setup

  • Connect to https://YOUR_DOMAIN
  • Bypass the security warning (if you understand some of the implications)
  • Enter the setup-key
  • Bypass the security warning (if you understand some of the implications)
  • Log in using the default credentials pritunl/pritunl
  • Update username and password (very important. Don't use the defaults.)
  • Check "Public Address"
  • Add YOUR_DOMAIN to "LetsEncrypt Domain"
  • Save

Configuration

Users

  • Open Users-Tab and add a new organization
  • Add a user to the new organization

Server

  • Open Servers-Tab and select "Add server"
  • Choose a name for the new server and a Port (you can use the default port)
  • Optional: Click on advanced and disable "Restrict routing" if you do not want to route all client-traffic through the VPN
  • Select "Attach Organization" to add the server to your organization
  • Optional: Add a route to your Google Cloud network(s)
  • Optional: Remove the default route "0.0.0.0/0" if you do not want to route all client-traffic through the VPN
  • Select "Start Server"

Download config

  • Download the openvpn-config using the download-icon next to the user on the Users-Tab

OpenVPN Clients

Sources:
