DEV Community

Cover image for Building Your Own VPN for Free

Building Your Own VPN for Free

William Baptist on August 21, 2023

VPN companies have advertisements everywhere, there’s a reason they sponsor most tech YouTubers (they’ve even tried it with me) but you don’t need ...
Collapse
 
thomasbnt profile image
Thomas Bnt

Hello good post !

Don't hesitate to put colors on your codeblock like this example for have to have a better understanding of your code 😎

console.log('Hello world!');
Enter fullscreen mode Exit fullscreen mode

Example of how to add colors and syntax in codeblocks

Collapse
 
baptistsec profile image
William Baptist

It's Linux commands not code so there aren't many colours but I've made the changes, thanks for the heads-up.

Collapse
 
thomasbnt profile image
Thomas Bnt

Maybe with bash language can work!

Thread Thread
 
baptistsec profile image
William Baptist

Yes, it is bash

Collapse
 
pavonz profile image
Andrea Pavoni • Edited

Not to sound harsh in my comment, but I feel the need to state some important points on why it’s not free:

  • vps/cloud servers have a cost
    and bandwidth costs even more

  • maintenance has a cost in terms of time

Other notes:

  • it’s “private” in terms of access, but it doesn’t prevent tracking or any kind of anonymization for your data
Collapse
 
baptistsec profile image
William Baptist

For sure, I just want to show alternatives to paid options in cybersecurity so it can become more accessible. You will need to do more than this to have your own VPN, but just buying a VPN isn't the only option.

Collapse
 
pavonz profile image
Andrea Pavoni

Sorry to insist, but this isn't a reliable alternative because:

  • it gives a false sense of security, especially to people who haven't enough knowledge/experience about cybersecurity basic concepts, other than how cloud services work. For example:

  • it might generate high billings if someone thinks bandwidth is coming for free

  • user might get banned from a cloud platform for abusing/misusing their services: imagine getting banned from AWS, GCP or Azure, where you already have some services running for your business

  • the server where is running the VPN software isn't updated properly/regularly, resulting in potential data breaches

You will need to do more than this to have your own VPN, but just buying a VPN isn't the only option

I'm sure you meant something more coherent, but these two sentences are contradicting each other:

  • you need a lot more work and knowledge to build a reliable VPN
  • buying a VPN is almost the only option IF you don't know what you're doing

I admire the purpose of your article, but I also think that certain knowledge should be spread with more depth. Security can't be improvised.

Thread Thread
 
baptistsec profile image
William Baptist • Edited

I don't think you can get banned from AWS etc. by making and testing your own VPN. My intention is not to use this in an enterprise setting and more of a small project at home using your own hardware.
For sure buying is the only option if you don't know what you are doing but if you can learn then it isn't. If you're testing something out as a base for something better then you can improvise through testing until you know it works.

Thread Thread
 
pavonz profile image
Andrea Pavoni

I don't think you can get banned from AWS etc.

You can be banned. Every platform has policies about how you are going to use their services, bandwidth is included.

My intention is not to use this in an enterprise setting

What you said can't be confirmed by a title that says: Building Your Own VPN for Free and a body where there isn't any kind of disclaimer about this other than claiming that you can build a VPN for free without the need to buy a professional one.

and more of a small project at home using your own hardware

this somewhat contradicts the main pillars of a VPN, which is basically a way to create a tunnel connection between hosts and/or networks which aren't physically on the same spot (hence the name).

I hope you're aware that the contents of this post are almost the same of what you can find on the main OpenVPN website (or blogs around the web) since 2004. It's ok to repost, but in 2023 the expectations about content quality for old stuff should be a must.

Thread Thread
 
phtn profile image
phtn458

Can you write code instead?

Collapse
 
spo0q profile image
spO0q

I appreciated your post. Straight to the point!

However, you should be careful with your statement, IMHO. Building and maintaining your own VPN services can be risky.

You don't get better security or privacy if you don't know what your doing.

Because your tutorial seems to target beginners and has tags like cybersecurity, I would recommend some disclaimers or warnings about the potential dangers, especially if you plan to make sensitive operations.

It's easy to misconfigure your tunnel and expose your data.

Collapse
 
moopet profile image
Ben Sinclair

I think the biggest warning this post needs is that if you're intending to use your personal VPN for anything other than trivial traffic, and you're using a cloud VPS, you're going to run up huge bills for bandwidth.

Instead of being "free", this will cost you roughly the same per month for the VPS as one of those YouTube-spamming VPNs cost, and many times that in additional bandwidth.

It's fine for setting up between, say, your home and a friend's home though. In fact, it's a perfect fit for that job.

Collapse
 
semo profile image
semo

Needs more in-depth explanation why and where you scraped the configuration setup. Also I don't think that Cloud Services will let you not pay for using bandwidth you suddenly request. Can be very expensive 🫰
Sources???

Collapse
 
treblecode profile image
trebleCode

Any thoughts on scripting it?

Collapse
 
forcegetnecmettin profile image
forcegetnecmettin
curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
./openvpn-install.sh
Enter fullscreen mode Exit fullscreen mode

you can check for openvpn-install

Collapse
 
moopet profile image
Ben Sinclair

I think it's a bad idea to run code from the Internet like that. It's far too easy for a malicious poster to add a helpful comment and get people to run bad code on their machines.

Collapse
 
fernandezbaptiste profile image
Bap

Really cool post!

Collapse
 
c_p_109a685befc79d8bc76b1 profile image
C P

Nice article.

Is this any better than using the server as a SOCKS proxy?

Collapse
 
cwrite profile image
Christopher Wright

Neat

Collapse
 
elizabeth_t_02c910012e3f0 profile image
Elizabeth T

How do you start VIP and what is the movie Andrew

Collapse
 
mostafa_rksane_6b221e8b9d profile image
mostafa rksane

Sjxxhsjajx

Collapse
 
calvino profile image
Calvino

Pretty obvious typo: secret requires --
sudo openvpn --genkey --secret /etc/openvpn/ta.key