Why create your own VPN?

Creating your own VPN can sound quite complicated, but it doesn’t need you to be a developer to do it. Yes it will need you to get a bit technical, but in the end you the benefits will be worth it.

Just like all other VPNs, you will be shifting your data from your ISP to your cloud provider. However, with your own VPN, you can boot up a new VPN server and connect to it in minutes. After that, you can just delete your instance, and it will be like the VPN server never existed.

Deploy the instance using GCP free tier:

For content purpose, i will use the Google Cloud Platform free tier. The Compute engine free tier includes:

  • 1 non-preemptible e2-micro VM instance per month in one of the following US regions:
    • Oregon: us-west1
    • Iowa: us-central1
    • South Carolina: us-east1
  • 30 GB-months standard persistent disk
  • 5 GB-month snapshot storage in the following regions:
    • Oregon: us-west1
    • Iowa: us-central1
    • South Carolina: us-east1
    • Taiwan: asia-east1
    • Belgium: europe-west1
  • 1 GB network egress from North America to all region destinations (excluding China and Australia) per month

How to create your own VPN on the cloud with OpenVPN

Here’s the outline of creating your own VPN:

  1. Create a free account at GCP
  2. Create a new instance in the choosen region.
  3. Download OpenVPN script from GitHub repository on your instance
  4. Install OpenVPN
  5. Set up your devices to connect to the VPN

DISCLAIMER: The instance will be assigned only to one region. Changing the deployment region requires that the server must be deleted and booted up in another one.

Create a Google Cloud instance

Go to Compute Engine --> VM instances and click “create instance”

  • Choose an instance name, mine will be open-vpn

  • Choose a region and zone, mine will be:

    1. Region: europe-west1
    2. Zone: europe-west1-b

  • Machine type: e2-micro (2vCPU, 1 GB memory)

  • Choose the OS image: CentOS 7

    • Size: 30 GB

  • Assign network subnet

  • Add SSH keys

The result should be something like that:

Reserve the Public IP Public IP will change each time the instance boots up again, for this reason i highly reccoment to reserve the assigned public IP:

  1. Go to VPC Network --> IP addresses
  2. Select reserve for the instance’s public IP

Download and install OpenVPN script

  1. Access to the instance via SSH
  2. Download script from GitHub repository:
curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
  1. Make it executable:
./openvpn-install.sh
  1. Follow the script instructions:
- Update the suggested private IPv4 with the Public one: 34.79.183.178
- Enable IPv6: no
- Choose a listen port: default
- Choose the protocol: UDP
- Choose the DNS resolver: Google
- Use compression: no
- Encryption settings customization: no

- Client name: open-vpn
- Protect the configuration file with a password: Add a passwordless client

The configuration file has been written to /home/my-user/open-vpn.ovpn
  1. Save the configuration file in your local PC

Set up your devices to connect to the VPN

I use OpenVpn client, starting the VPN connection via terminal:

  1. Locate your .ovpn configuration file
  2. Run the following command
sudo openvpn --config ./open-vpn.ovpn
  1. Public IP has changed based on configuration file, traffic has been redirect towards GCP instance: