Create an OpenVPN server on Google Cloud Platform to connect to your Google Cloud network using OpenVPN and/or to route your internet traffic through the VPN (road warrior scenario)
- Create new instance in default network
- Choose Ubuntu 18.04 LTS
- Check "Allow HTTP traffic" and "Allow HTTPS traffic"
- Add the tag "vpn-server"
- Enable IP forwarding
- Add static external IP
- Create a DNS record for the new static IP
- Connect to your instance using SSH and run the following commands as root (they write to /etc and /lib)
echo 'deb http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse' > /etc/apt/sources.list.d/mongodb-org-4.0.list
echo 'deb http://repo.pritunl.com/stable/apt bionic main' > /etc/apt/sources.list.d/pritunl.list
# printf is used here because bash's built-in echo does not expand \n, which would leave the unit file on a single line
printf '[Unit]\nDescription=High-performance, schema-free document-oriented database\nAfter=network.target\n\n[Service]\nUser=mongodb\nExecStart=/usr/bin/mongod --config /etc/mongod.conf\n\n[Install]\nWantedBy=multi-user.target\n' > /lib/systemd/system/mongod.service
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 9DA31620334BD75D9DCB49F368818C72E52529D4
apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A
apt-get update
apt-get install pritunl mongodb-org
systemctl start pritunl mongod
systemctl enable pritunl mongod
- Create a setup key:
pritunl setup-key
- Connect to https://YOUR_DOMAIN
- Bypass the browser's certificate warning (Pritunl serves a self-signed certificate at this point; continue only if you understand the implications)
- Enter the setup-key
- Bypass the security warning (if you understand some of the implications)
- Log in using the default credentials pritunl/pritunl
- Update the username and password (very important: don't use the defaults)
- Check "Public Address"
- Add YOUR_DOMAIN to "LetsEncrypt Domain"
- Save
- Open Users-Tab and add a new organization
- Add a user to the new organization
- Open Servers-Tab and select "Add server"
- Choose a name for the new server and a port (you can use the default port)
- Optional: Click on advanced and disable "Restrict routing" if you do not want to route all client-traffic through the VPN
- Select "Attach Organization" to add the server to your organization
- Optional: Add a route to your Google Cloud network(s)
- Optional: Remove the default route "0.0.0.0/0" if you do not want to route all client-traffic through the VPN
- Select "Start Server"
- Download the OpenVPN config using the download icon next to the user on the Users-Tab
- Pritunl client: https://client.pritunl.com/
- iOS client: OpenVPN Connect
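
The steps above tag the instance "vpn-server" and choose a server port, but the "Allow HTTP/HTTPS traffic" checkboxes only open 80 and 443, so the VPN port still needs its own ingress rule. The following is an added example, not part of the original steps: it validates the inputs and prints a `gcloud` rule scoped to that tag. The function name, the rule name `allow-pritunl-vpn` and the sample port are assumptions; use the port and protocol shown on the Servers-Tab.

```shell
#!/bin/sh
# Added example: print the GCP ingress rule for the Pritunl server port.
# The rule name and the sample port below are placeholders, not values from the page.

# Usage: vpn_firewall_cmd PORT PROTO [SOURCE_CIDR]
# Prints a gcloud command limited to instances tagged "vpn-server".
vpn_firewall_cmd() {
  fw_port="$1"
  fw_proto="$2"
  fw_source="${3:-0.0.0.0/0}"                      # narrow this if clients use known ranges
  fw_name="${RULE_NAME:-allow-pritunl-vpn}"        # hypothetical rule name

  # Port must be 1-5 digits and within 1..65535.
  case "$fw_port" in
    ''|*[!0-9]*|??????*) echo "invalid port: $fw_port" >&2; return 1 ;;
  esac
  if [ "$fw_port" -lt 1 ] || [ "$fw_port" -gt 65535 ]; then
    echo "port out of range: $fw_port" >&2; return 1
  fi

  # A Pritunl server listens on either udp or tcp.
  case "$fw_proto" in
    udp|tcp) ;;
    *) echo "invalid protocol: $fw_proto" >&2; return 1 ;;
  esac

  # Source range must look like IPv4 CIDR notation (shape check only).
  if ! printf '%s' "$fw_source" |
       grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'; then
    echo "invalid source range: $fw_source" >&2; return 1
  fi

  printf 'gcloud compute firewall-rules create %s --network default --direction INGRESS --action ALLOW --rules %s:%s --target-tags vpn-server --source-ranges %s\n' \
    "$fw_name" "$fw_proto" "$fw_port" "$fw_source"
}

# Print the command for review; 12345/udp is a constructed sample, not a real port.
vpn_firewall_cmd "${1:-12345}" "${2:-udp}" "${3:-0.0.0.0/0}"
```

Review the printed command before running it; the same function with `443 tcp` and a narrow source range gives a rule for the web console, which can replace the open "Allow HTTPS traffic" checkbox.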