The Accidental Techie: Darshan Joshi
Take Control of Your Online Privacy: Building a VPN for Beginners - DIY

Photo by Petter Lagson on Unsplash

Take Control of Your Online Privacy: Building a VPN for Beginners - DIY

Darshan Joshi's photo
Darshan Joshi
·

12 min read

Table of contents

Namaste and hello everyone! Ever feel like the internet is watching your every move? Want to browse freely without restrictions, but worried about privacy? Well, fret no more! In this blog post, we'll exploring the treks for he exciting journey of building your very own beginner friendly VPN.

That's right, with a little effort, you can take control of your online privacy and unlock the internet like never before. I would like to thank Piyush Garg for explaining the concept of VPN and Implementation in DIY manner in his latest video on YouTube.

Please check out his channel for more amazing content : https://www.youtube.com/@piyushgargdev

So, grab a cup of chai, settle in, and get ready to become the master of your online stealth!

What is VPN?

Well, Let us start by giving the definitions which are traditionally used everywhere,

A VPN, or virtual private network, is a service that encrypts a user's data and masks their IP address to protect their privacy and online security. This allows users to connect to a network over the internet from a device while hiding their identity, location, and browsing activity.

It is quite simple to understand by reading the above stated definition that VPN is a tool that provides you anonymity and security. Let us understand it with more context and little bit fun!

Imagine the internet as a bustling bazaar. You can find anything you want, but everyone can see what you're browsing, just like shopkeepers keeping an eye on customers. This can be a problem if you want privacy or access websites that might be restricted in your area.

Here's where a VPN comes in, acting like your personal rickshaw wala! A VPN, or Virtual Private Network, creates a secure tunnel between your device (phone, laptop, etc.) and the internet. All your online traffic travels through this tunnel, hidden from prying eyes like your internet service provider (ISP).

Credits : ConceptDraw

How Does a VPN Work?

Think of the VPN architecture like a three-part play:

  1. Your Device: This is you, standing in the bustling bazaar, wanting to buy something.

  2. VPN Server: This is your rickshaw stand, located in a different part of the city (maybe even another country!).

  3. The Internet: This is the entire bazaar, with all its shops and vendors.

Here's how it works:

  • Boarding the Rickshaw: You connect your device to the VPN server. This creates a secure connection, like a private cabin inside the rickshaw.

  • Hidden Journey: All your internet traffic (browsing, downloads, etc.) goes through the VPN server's tunnel. It's like traveling hidden from the crowd in the rickshaw.

  • Reaching Your Destination: The VPN server acts as your middleman. It receives your internet requests, forwards them to the websites you want to access, and then sends the information back to you, all while keeping your original location hidden. It's like the rickshaw dropping you off at your chosen shop without anyone noticing where you came from.

Benefits of Using a VPN

You will ask, What will be the benefits for configuration of VPN server. Well, Do not worry, It will be beneficial in such way which is stated as below:

  • Privacy on the Go: No more worries about your ISP or others tracking your online activity. It's like having a secret passage in the bazaar, hidden from everyone!

  • Bye-Bye Restrictions: Access websites that might be blocked in your area. The VPN server acts like a bridge, taking you to parts of the bazaar you couldn't reach before.

  • Enhanced Security: The encrypted tunnel protects your data from prying eyes, especially on public Wi-Fi networks. Think of it as a bulletproof rickshaw keeping you safe from online dangers.

That's all from my side for VPN and its working. I hope you will get the real basic idea of VPN and benefits of VPN for your own ! Furthermore, we will see how we can create a VPN on a small scale without paying lesser amount of money ! Because, as we know as Indians, we like to devour free stuffs😁.

Implementation of VPN

Okay, I hope you are ready for the next phase ! We will be using the below tools for implementing the DIY - small scale VPN.

  • AWS - EC2 (Elastic Compute Cloud) Instance

It would not cost a lot on your AWS Billing account, as we can use least amount of resources for the implementation.

  • OpenVPN

OpenVPN is a network security company serving the secure remote access needs of small businesses to the enterprise. We are going to use their free services for implementation.

First of all, we will navigate to documentation of OpenVPN which comes under the Resources section -> Access Server -> Documentation.

We need to create VPN using the AWS EC2 instance, for that reason, we need to follow the guide.

You can install and configure the OpenVPN on any of the cloud service providers, but for current instance we will use AWS instance. More specifically, We will use AWS BYOL (Bring Your Own License).

Here we can find the full fledged guide for OpenVPN installation and configuration. You can follow the procedures according the guide.

AWS - EC2 Instance Creation

Okay ! So fellas, we will move the AWS console, where we will be creating the EC2 Instance for our implementation.

Below is the image which is showing the AWS console. Kindly note the blue rectangular indicator (Pardon me, I could not edit it properly as the thought occurred very lately😂).

It is suggesting that I am currently / I will be using the resources from Ohio (USA) as you can surely understand that it does not have any significance that I reside in India and also deploy the VPN in India itself !

Therefore, Kindly remember to change the region for the resources for this particular implementation. You may choose any region / country other than your residing country for VPN implementation.

So, we will go to the home screen for EC2 by clicking on EC2. You can also navigate using the different ways like the sidebar which has all the services being provided by AWS.

You may see that in the above image, we need to navigate for reaching the instance creation. You can click on Launch Instance or Instances(running).

You will reach on the Instance creation creation. Here we will give the proper name for the instance. As you can see that I have given the name according to my intentions and requirement.

As you can see in the image, you need to click on the indicator in the image which is browse more AMIs .

It will lead to AMIs Marketplace as we will require specific Machine Image for OpenVPN BYOL implementation and configuration !

In the marketplace, we will search for OpenVPN machine images. You will find many options for MIs. We will currently select the option indicated in the image below.

You may select the other machine images as they are paid. therefore, selection is all up to the individual requirement and situation.

After the Machine Image selection, We will be shown the below image, which will describe the details for OpenVPN Access Server Machine Image.

As you can see, there is a minimal pricing for the machine image, where OpenVPN is free but hosting it on the EC2 instance has some pricing which is negligible for our case.

You may choose to subscribe instantly or you may choose to subscribe when your instance is launched, which is usable when your pricing is on the higher part !

Now , it is required that we create the SSH key-pair for accessing the instance from the remote instance. You may find the option for key-pair creation below the AMI details.

You may select the option of private key and key-pair type as per accordance. We will use the RSA and .PEM file format for storing the access key-pairs. Give the suitable name for key-pair. Store the key-pair as we will require to use it for accessing the instance in next section.

As you can see in the image above, due to selection of OpenVPN machine image, it automatically creates the security groups with options required to implement the OpenVPN on the instance. Now, We can launch the instance, It may take up to 2 to 3 minutes for the instance to up and running. You can see the instance running in the zone which we have used the resource.

Congratulations ! We have successfully created the AWS EC2 instance with custom Amazon Machine Image from OpenVPN !

Accessing the Instance : Using SSH

Let's move further for accessing our deployed instance. It would require that we change the file permissions for key-pair which we have created earlier and stored in our local system.

If you are using Linux as your host operating system, using the below command will give the file permissions which we require.

chmod 400 [YOUR-KEY-FILE].pem

As I am using the Windows machine host operating system, we have different alternative for the requirement

The commands which is required are given in the below code prompt. You may use it for the file permissions.

icacls.exe [YOUR-FILE-NAME].pem /reset
icacls.exe [YOUR-FILE-NAME].pem /grant:r "$($env:username):(r)"
icacls.exe [YOUR-FILE-NAME].pen /inheritance:r

Now, We are ready to access our instance, but wait ! we need to follow one more rule before SSH into our instance which is deployed.

In the OpenVPN documentation, it is mentioned to use the particular username for SSH into the instance. Normally, We use the key-pair and public IPV4 address for SSH into the instance. In this case, it is required to use openvpnas as the username while SSH.

SSH command is as per shown in the image. Enter the "Yes" as the option for continuation of connecting.

ssh -i [YOUR-FILE-NAME] openvpnas@[PUBLIC-IPV4-ADDRESS]

As soon as we connect to the instance, it requires some information regarding the setup for OpenVPN on the instance.

You need to select "Yes" in most questions appearing in the terminal prompt . Kindly remember to select network interface and IP address which is to be used by Admin Web UI. which is should be accessible from all the interfaces.

You also need to create a user and credentials for login into the Admin portal and Client UI. Remember the credentials as we will be using those in next section.

After answering all the prompted questions, you need to wait for configuration and setup to be completed.

Congratulations ! We have completed one more important and main step for implementation of VPN😊

OpenVPN : Admin Panel Access

You will be seeing the Admin UI address on your terminal screen, copy the address and go to the browser and open a new tab. After that paste your link.

It will or it may show that it is unsafe to proceed further, but you need to choose advance options and proceed further.

You will see the login screen as per the image which is shown above. We will put the credentials which we have created earlier and will sign in for the admin panel.

As per our current setup and free plan, we can use 2 VPN connection for tunneling the traffic. As soon as we will setup the client side application and connect to the server, it will be reflected here on the image in above.(Sorry ! I forgot to take the snapshot of that screen😁)

OpenVPN : Client Setup

For client UI setup in OpenVPN, there is nothing special which is needed to be done ! you can access the client panel using the link which is given in the terminal or you may choose the admin panel link but remove the admin controller from the link. It will navigate to client setup.

It will be showing the same login screen as Admin panel login screen. We will use the credentials we have created earlier.

We can see the image as per below. It will give the recommendation based on your system which you are using but also as you can see, it is available for all the platforms for usage.

We will use the OpenVPN Connect - Windows edition, as I am using the Windows machine.

Real Test - VPN Connection

You can see the OpenVPN application's layout in the above image. One thing you may notice that it comes with the default binding with your OpenVPN setup from the instance we have deployed.

We will use the below website to check whether the VPN setup is working properly or not!

https://whatismyipaddress.com/

  • Before Connecting to the VPN

We can see the IP Address and information in the website with the location in approximation.

  • After Connecting to the VPN

As you can see in the above image, VPN tunneling is started successfully. It may take some time for connection to be established.

Now again, we will access the IP address information website which we have used earlier.

As we can see, The ISP and locations has been changed based on the VPN proxy server.

Congratulations ! We have completed the small scale VPN implementation. Cheers to the efforts and learning zeal.

Speed of Network : Which is Faster?

Imagine you're cruising down the wide-open Information Highway in a sleek car (your normal internet connection). Everything's fast and smooth. Now, picture yourself navigating a maze of narrow, winding backstreets (a VPN connection) to reach the same destination. It might take a little longer, but you get there eventually!

This analogy perfectly captures the difference in speed between using a VPN and regular internet traffic. Here's a breakdown:

  • Regular Traffic: This is like taking the direct highway. Your data travels the shortest distance possible between your device and the website you're accessing. This translates to faster speeds for browsing, downloading, and streaming.

  • VPN Traffic: When you use a VPN, your data takes a detour. It first gets encrypted (adding an extra layer of security, like a bulletproof shield on your car) and then travels to a VPN server in another location. The server then decrypts the data and forwards it to the website you want to access. Finally, the response comes back through the VPN server and gets decrypted again before reaching your device. This extra processing and travel time can lead to a slower internet connection compared to regular traffic.

How Much Slower Can a VPN Be?

The speed decrease can vary depending on several factors:

  • Distance to VPN Server: Connecting to a server far away will add more travel time for your data, slowing things down. Think of it like taking a longer detour through winding backstreets.

  • VPN Server Load: If the VPN server is overloaded with users, it can cause delays in processing your data, similar to traffic congestion on the backstreets.

  • Encryption Strength: Stronger encryption offers better security but requires more processing power, potentially impacting speed slightly. Imagine adding thicker bulletproof armor to your car, making it a bit slower.

The Trade-Off: Speed vs. Security

While a VPN might slow down your internet connection a bit, the security benefits are undeniable. It's like choosing between a fast but risky route (regular traffic) and a slower but secure one (VPN). The good news is, the speed reduction for most users with a decent internet connection is often minimal and hardly noticeable for everyday browsing.

Conclusion

I hope you have enjoyed the learning experience so far ! Please stay tuned for more amazing resources and things which needs to be figured out !

The Accidental Techie signs off !!!!!

vpnLearning JourneyAWS