[Oracle VPS] Create your own VPN Server always free

Author: JustinType, Auditor - Pentester @ Wavestone
VPS Oracle - This article is part of a series.
Part 2: This Article

Introduction #

This article is part of a series dedicated to hosting free services for life on a private server. In this one, I’ll show you how to create your own VPN server.

What is a VPN and how does it work? #

A VPN ("Virtual Private Network") is a tool that enables you to create a secure connection between your device (computer, smartphone, …) and the Internet.

A VPN creates a secure “tunnel” between your device and a remote server, which may be managed by a mainstream provider (such as NordVPN, CyberGhostVPN, …), by your company or, in the context of this article, by yourself!

All data passing through this tunnel is encrypted, which means that it is transformed into a format that is unreadable by anyone trying to intercept it.

The aim of a VPN is simple: to create a virtual, isolated and secure link between two points.

vpn_scheme_en

  1. VPN connection: You connect to a VPN server via an application called the VPN client.
  2. Data encryption: All data you send and receive is encrypted by the VPN client.
  3. Transmission via VPN server: Your encrypted data is sent to the VPN server. This server acts as an intermediary between your device and the Internet.
  4. Decryption and transmission: The VPN server decrypts the data and sends it to its destination on the Internet (e.g. a website).
  5. Data return: The data returned to your device passes through the VPN server again, where it is encrypted, sent to your device and finally decrypted by your VPN client so you can read it.

Or more simply:

vpn_meme

You’ll notice that the data is accessible in cleartext on the VPN server, so whoever manages the server can view your data as they see fit.

VPN use cases #

VPNs are generally used in 2 ways:

  • In a professional context
  • In a personal context

Professional use #

In a professional context, a VPN is generally used to access corporate resources (applications, files, etc.) securely, even if you are physically outside the company.

For example, to enable employees to telework or service providers to access certain resources, a company will set up a client-to-site VPN:

client_to_site

Another example is a very large company with subsidiaries abroad. If employees in Paris need to access resources located in New York, or vice versa, they will almost certainly use a site-to-site VPN:

site_to_site

In both cases, the VPN servers are managed by your company. Your company can view the data in transit via these servers, which is perfectly normal and legal.

Personal use #

In the personal sphere, we generally use a consumer VPN to be anonymous or to access geo-restricted resources. When you take out a subscription, you can access servers located in several different countries, depending on the provider:

cyberghost vpn interface

Learn more about the different types of VPN: SurfShark

Why use your own server? #

As we saw earlier, whoever manages the server can consult the data passing through it at any time, and this is the case for VPN operators in the general public.

Of course, they’ll tell you otherwise, and even make a sales pitch out of it - some may respect that - but don’t forget that nothing technically prevents them from selling your data, not to mention collaborating with government authorities.

Yes even for “VPN no log”, no noob no scam.

fb_meme

All right, maybe you’ve followed a good tutorial to improve your privacy without relying only on a VPN, or you just don’t need that level of privacy.

“As long as I can access US or Japanese Netflix, I don’t care”.

Well, the big streaming platforms are setting up more and more processes to detect whether you’re using a VPN.

You can quickly find yourself faced with this type of message and be unable to do anything about it.

netflix_detection

I won’t go into the technical details of how Netflix can detect if you’re using a VPN; here are some resources for those who want to dig in:

Things to remember: Using your own server gives you much greater control over your data and considerably reduces platform detection, but doesn’t make it non-existent.

Solution chosen: OpenVPN #

Did you know that all consumer VPNs rely on the same basic protocols to establish a secure tunnel?

That’s right! If you look at the technical documentation for these VPNs, you’ll soon realize that they all use the same protocols:

  • OpenVPN
  • IPSec / IKEv2
  • WireGuard

To find out more about these different protocols: Avast

You can even choose which protocol to use in some of them:

cyberghost1

cyberghost2
Protocols used by CyberGhost VPN

While commercial VPN services offer convenience and support, the underlying technology is accessible to all. With a little technical knowledge and time, anyone can set up and use a VPN for free.

That’s exactly what we’re going to do with the OpenVPN protocol.

Pros #

We’ve chosen this protocol because it offers a number of advantages:

  • It’s open-source, meaning that its source code is publicly available. This means total transparency and continuous improvement of the protocol, as anyone can contribute to the code.
  • It has a large community, which guarantees regular updates and extensive documentation.
  • It’s multi-platform, so you can use it on Windows, MacOS, Linux, Android or iOS.
  • It’s free for life!

Cons #

Although this solution is free, secure and simple, it does have certain limitations:

  • the country of the VPN server
  • the number of simultaneous connections

Indeed, as we saw earlier, a company offering a VPN for the general public has several servers in several countries. When you pay, you can choose which server to access, and therefore which country.

In our case, we’ll only have access to one country → the one where we create our Oracle account. When creating your account, you’ll be asked which region to use, and you won’t be able to change it once the account has been created.

So think carefully about what you want: if you want to use Oracle’s offer for a VPN in the USA, for example, you’ll need to choose the region accordingly. If you also want to use Oracle’s offer for a game server like Minecraft, a remote server will lower performance → It’s up to you to choose what’s most important!

What’s more, the OpenVPN documentation specifies that you are limited to 2 simultaneous free connections.

You can install VPN clients on as many different devices as you like, but you can only use 2 simultaneously.

In comparison, offers like CyberGhost VPN give you access to 7 simultaneous connections or NordVPN to 10 simultaneous connections.

For “personal” use, OpenVPN’s free offer is perfectly adequate.

For “family” use, however, you may need to look at consumer solutions.

Well, now that you know everything, let’s get started!

OpenVPN server creation #

You are strongly advised to read the introduction to this series, in which I present OCI’s “Always Free” offer, which we are going to use. Notions such as creating a VM, allocating its resources, accessing it, transferring files and configuring the firewall are covered there.

Thumbnail Oracle Minecraft Server
→ Read the introduction to this series

Creating an instance #

To start with, we’ll need to create an instance. The great thing about Oracle Cloud is its marketplace, think of it as an online store.

In the marketplace, you can find images of VMs with instances already configured.

And just in time, there’s an image for making your own OpenVPN server, which is what we’re going to use!

Go to this page and click on “Get App” :

marketplace1

Select the “Commercial Market” option and log in by clicking on “Sign in”:

marketplace2

As you can see, this image is totally free!

Accept Oracle’s terms of use and click on “Launch Instance”:

marketplace3

You’ll arrive on the instance creation page - everything’s already done for you!

This instance uses a Standard.E2 Micro VM, and by default features:

  • 1 OCPU
  • 1 GB RAM
  • 47 GB storage space
  • OS: Ubuntu

If you intend to use more applications on this VM, you can increase the allocated resources.

Here I’m simply naming the VM but I’m not touching anything else:

instance1

Don’t forget to download the SSH key to access your instance:

instance2

If you see a price for Boot Volume, don’t pay any attention, it’s just Oracle’s automatic calculation tool, which doesn’t take the “Always Free” offer into account, but you won’t be charged.

You can create the instance:

instance3

Once the instance has been created and is ready for use, make a note of its IP address:

instance4
Here the IP is modified

The ubuntu user is not authorized to connect remotely to this VM, so another user has been specially created: openvpnas.

Connect to your instance with this user via the SSH command:

ssh openvpnas@[IP_of_your_VM] -i [ssh_key]

Installing OpenVPN #

On your 1st connection, OpenVPN will ask you to accept its terms and conditions (EULA):

openvpn_cli1

Type “yes” to accept:

openvpn_cli2

OpenVPN will ask you several questions for its configuration. You can simply press Enter at each question to validate the default configuration:

openvpn_cli3

After a few questions, OpenVPN will ask you which user can access the admin panel. You can leave the user openvpnas.

You’ll then need to assign a password and confirm it:

openvpn_cli4

When you enter a password on a Linux CLI, it is not displayed for security reasons. Even if nothing is displayed, your password is taken into account by the system.

Once you’ve entered your user name and password, OpenVPN will complete its installation and display information on how to connect to the admin panel:

openvpn_cli5

OpenVPN will display the URL with the IP of your subnet (starting with 10.0…) and not the IP address of your VM. You will need to use the URL with the IP of your VM for the OpenVPN configuration, but for the moment this URL is not accessible because the ports are not open.

Let’s configure the firewall.

Firewall configuration #

Here are the ports to open:

firewall1
See OpenVPN documentation for OCI

On Oracle, this is the result:

firewall2

You can now connect to the OpenVPN admin panel via the URL: https://[IP_of_your_VM]/admin.

connexion1

A message telling you that the connection is not private will be displayed, as the certificate generated by OpenVPN is self-signed. This is normal operation.

Continue to the application:

connexion2

Log in with the user you created earlier:

openvpn_web1

And accept the EULA (again):

openvpn_web2

VPN configuration #

We’re now going to configure the OpenVPN server.

First of all, OpenVPN sets your subnet’s IP address (the one starting with 10.0…) as the default IP, but nobody will be able to access it. You’ll need to set your VM’s IP address in the network settings:

openvpn_configuration1

You will then need to authorize Internet traffic to be routed by the OpenVPN server and to enter public DNS, in this case those of CloudFlare, in the VPN settings:

openvpn_configuration2

Don’t forget to save changes!

Create a user who will be authorized to use the OpenVPN server and who will be able to connect automatically:

openvpn_configuration3

Finally, update the server:

openvpn_configuration4

Wait a few seconds for the server to take these changes into account. Your OpenVPN server is now ready for use!

Using your own VPN #

You can now use your own VPN server, and connect to it in 2 ways:

  • Install a pre-configured OpenVPN client
  • Install an OpenVPN client and configure it yourself

Installing a pre-configured OpenVPN client #

Go to the URL https://[IP_of_your_VM] with your user account:

openvpn_install1

You can download an OpenVPN client already set up on the desired OS:

openvpn_install2

Once downloaded, install the client (follow the installer steps):

openvpn_install3

And that’s it! The OpenVPN Connect client is now installed on your machine, with your profile already set up:

openvpn_install4

All you have to do is click on the button to use your VPN server:

openvpn_install5

Installing an OpenVPN client and configuring it yourself #

If you don’t install the OpenVPN client already set up, then you’ll have to do it yourself.

Download the client from: https://openvpn.net/client/

Install the client and enter your server’s URL:

openvpn_install6

Accept the certificate:

openvpn_install7

Enter your user account details:

openvpn_install8

Click on Import and voilà! You can now log in:

openvpn_install9

Sharing access to your VPN server #

If you want to share access to your VPN server without giving away the user account password, you can share the user profile:

openvpn_share1

You will obtain this type of file:

openvpn_share2

Anyone wishing to access your VPN server simply needs to download the OpenVPN client and import the profile:

openvpn_share3
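
A shared profile is a credential in itself, and a profile generated before the server address was changed from the 10.0… subnet IP (see "VPN configuration") will point clients at an address they cannot reach. The following added example, which is not part of the original article or of OpenVPN's tooling, audits a profile for both; the sample profile, its addresses and the function name audit_profile are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges: a `remote` in one of these is unreachable from the Internet.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample profile; addresses and key material are placeholders.
SAMPLE_PROFILE = """\
client
dev tun
remote 10.0.0.42 1194 udp
remote 203.0.113.10 443 tcp
<ca>
PLACEHOLDER-CA
</ca>
<key>
PLACEHOLDER-PRIVATE-KEY
</key>
"""

def audit_profile(text):
    """Report what a shared .ovpn profile exposes and where it points."""
    directives, blocks, open_block = [], set(), None
    for raw in text.splitlines():
        line = raw.strip()
        if open_block:  # inside an inline block: skip the payload
            if line == f"</{open_block}>":
                open_block = None
            continue
        m = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if m:
            open_block = m.group(1)
            blocks.add(open_block)
        elif line and not line.startswith(("#", ";")):
            directives.append(line.split())
    remotes = [d[1] for d in directives if d[0] == "remote" and len(d) > 1]
    private = []
    for host in remotes:
        try:
            if any(ipaddress.ip_address(host) in n for n in RFC1918):
                private.append(host)
        except ValueError:
            pass  # a hostname, not an IP literal
    prompts = any(d[0] == "auth-user-pass" for d in directives)
    return {"remotes": remotes, "private_remotes": private,
            "embeds_private_key": "key" in blocks,
            # Heuristic: no password prompt, so the file acts as the credential.
            "connects_without_password": "key" in blocks and not prompts}
```

If connects_without_password is true, treat the file like a password: send it over a private channel and remove the user on the server when access should end.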

VPN test #

You can now test your VPN with the WhatIsMyIPAddress website.

Without VPN, you can see my ISP’s IP address and my approximate location:

openvpn_test1
IP address modified

With VPN, you can see that the IP address detected by the site is the one from my OpenVPN server and that the ISP and location correspond to the Oracle server:

openvpn_test2

The OpenVPN server is now up and running!

Conclusion #

In this article, I’ve shown you how to create your own OpenVPN server free for life using Oracle Cloud Infrastructure’s “Always Free” offer.

The aim was to provide you with practical knowledge while introducing you to the field of networking and IT security.

After reading this article, you’ll now know:

  • What a VPN is
  • How a VPN works
  • The different types of VPN
  • How to create your own free VPN server for life

I hope you’ve enjoyed reading the article. If you have, please feel free to like it and share it with any friends or colleagues who might be interested!
