Starting an OpenVPN Server on Google Cloud
This guide and the video below will step you through getting an OpenVPN server running on Google Cloud, which you may find useful for doing things with a pseudo anonymous IP. The script used will start a preemptible instance and uses a dynamic IP address from Google.
To begin, you'll need to be logged into your Google Cloud Shell.
Clone the Gist
From the Google command line shell, clone the gist into your home directory:
$ git clone https://gist.github.com/kordless/de9854c9334f00f4176fac8c0ca67d0e vpn [master 69db743] foo 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 start-vpn.sh
Change into the directory and set the script's mode bits to execute:
$ cd vpn $ chmod 755 start-vpn.sh
Start the Instance
Start the instance:
$ ./start-vpn.sh Created [https://www.googleapis.com/compute/v1/projects/wisdom-172109/zones/us-west1-b/instances/vpn-ct7w]. NAME ZONE MACHINE_TYPE PREEMPTIBLE INTERNAL_IP EXTERNAL_IP STATUS vpn-ct7w us-west1-b n1-standard-1 true 10.138.0.6 126.96.36.199 RUNNING Creating firewall...|Created [https://www.googleapis.com/compute/beta/projects/wisdom-172109/global/firewalls/vpn-allow-8787-ct7w]. Creating firewall...done. NAME NETWORK DIRECTION PRIORITY ALLOW DENY vpn-allow-8787-ct7w default INGRESS 65535 tcp:8787 Creating firewall...|Created [https://www.googleapis.com/compute/beta/projects/wisdom-172109/global/firewalls/vpn-allow-3838-ct7w]. Creating firewall...done. NAME NETWORK DIRECTION PRIORITY ALLOW DENY vpn-allow-3838-ct7w default INGRESS 65535 tcp:3838 VPN server will be available for setup at https://188.8.131.52 in a few minutes.
Grab some coffee and then click on the server's URL in the shell after a few minutes.
Configure the Server
The rest of this setup will be discussed in the video guide. If you want, you can do this without watching the video by heading over to the configuration docs on the pritunl site.
Either way, you'll also need to install the pritunl client (scroll to the bottom). Do this step before you do anything else.
Remember, the default user/pass for the pritunl server is:
Lastly, you will need to open up whatever random UDP port the server gives you when you create it. Copy it into your paste buffer and then hit the firewall configuration in the Google Cloud console to create it!
I apologize in advance for covering up some of the buttons with my head. You'll be OK though, given the UI on the server setup is pretty straightforward. Be sure to refer to the guide above if you get stuck!
That's about it. Happy secops!