Amazon Gift Card

Saturday, October 28, 2017

IPSec VPN set up in Google Cloud

I see a lot of articles lately on things getting hacked. I thought it would be best to find out how to protect myself when I am out shopping and connecting to the open wireless networks that most retail stores have set up to serve their customers. Let me first say that I am a huge fan of Google and that if you don't already have a google account, you will need one for this set up. Google Cloud Platform has a free tier and this will work perfectly.

Step 1 will be to go to Google Cloud platform (just type it in the google search bar and you will see it come up) and go to the Compute Engine and select VM Instances and click the Create button.


What we are going to do next is create an instance as seen below.


Under the name you can name it what ever you want. Zone is important because you must make sure to pick an area that is closer to you. If you select Zone you will be able to select zones all over the world.


It is also very important to select Allow HTTP traffic and Allow HTTPS Traffic. I selected Debian GNU/Linux 9 as an operating system for my VM, I would recommend this at the time of this writing for you as well. I selected the micro (1shared vCPU) with .6GB of Memory. This is about all you will need for this depending on the traffic that you will use and this will be cheapest as well. I still have not incurred any billing because of Google Cloud Platform's always free tier. 

Click Create and it will create an instance of the VM, which should not take very long at all.

Step 2 we will need to create firewall rules. You will need to mouse over VPC network and then click on Firewall rules.


The Firewall Rule page will pop up and we are going to create a new rule.


The selections above worked for me and at the time of this writing they should work for you too. Now they should show up on your Firewall rules page.


Step 3 is configuring your VM. Go to your VM instances and you should see your VM with a green check mark next to it.


Click on SSH and it will log you in automatically. You will get a popup that says connection and then you should get a screen something like this.


This is the command line (aka bash) for your VM. This particular VM does not come with a GUI. While you are at this command line you will want to type in the following:

wget https://git.io/vpnsetup -O vpnsetup.sh

This will download the script you need to automatically configure your linux Debian 9 server to act as the VPN server. After it is successfully downloaded you will need to use either nano or vim to open and edit the shell script with this command:

nano -w vpnsetup.sh


We will type in what every you want to be your IPSEC Pre-shared Key, Username, and Password between the single quotes as it states in the paragraph above it. Do not share this information with anyone. Make sure you have a strong password and pre-shared key. Press CTRL+X to exit, Y to save changes and Enter to confirm the changes. You will now find yourself at the command line (bash). Now we will run the script by typing the following in to the bash:

sudo sh vpnsetup.sh

This may take some time to install, but that is ok. After the script runs the installation is completed.


Make sure to annotate the Server IP, IPsec Pre-shared Key, Username, and Password. You will need these when you connect from your device.

Step 4 is connecting to VPN. I use an Android type phone so I will be showing you how to connect from that. There are also hundreds of tutorials out there that can help you whether you are connecting from a Windows system, iPhone, iMac, or other type of system. 

Navigate to the VPN settings as shown below.


Next, you will need to select the information as seen below:


You can give it whatever name you want, but make sure to select the L2TP/IPSec PSK. There are other types of VPN's and if those are selected in the drop-down then the connection will fail. Some phones may be different, but you will need to enter the IPSec pre-shared key, Username, and Password that you configured on the server. 

Very important to select Save account information so you don't have to remember username and password.



Select Connect and we should now be able to connect with no issues and enjoy browsing safely in open wireless connections. I hope this helps anyone out there that wants to set up a VPN. One thing to watch out for is that it will timeout when you are not using it and disconnect. Make sure the key symbol is showing on the top of the screen and you should be good. If it does ever time out just go back and re-connect and you should be fine. 

I do know that there are other ways out there to connect to a VPN and other solutions as well, but this was the easiest, has worked the best, and taken the least amount of time to configure and set up. I hope this helps anyone that needs it and please be sure to send me an email from my Contact Page if you have any questions or comments on my blog. 


No comments:

Post a Comment