Thursday, February 19, 2015

How to set up a VPN on Google Cloud Platform

After 19 days of using a VPN on Google Cloud Platform, I want to spread more information about their excellent service.

Previous VPN services I tried were very unstable for me - even 1 disconnect per hour is not acceptable for me, because when it happens it happens at the wrong moment and it's very annoying.

Then I tried OpenVPN on my own Linode VPS, but was surprised to still see disconnections, although less often - approximately once per 2 hours. I suppose Linode has some issues in their London DC network (and tests on speedtest.net confirm that). My next try was a same-sized VPN on DigitalOcean (Amsterdam 2 DC), and the connection was more stable, but there were still a few disconnections per day. I have to say, the performance of a same-size server is much better on Linode. They just need a more stable network.

In 19 days of using a VPN on Google Cloud Platform I've encountered... 0 disconnections. It amazes me, and I'm glad to share my how-to (a copy of my answer on serverfault.com).

  • I recommend you create an additional network (see the "Networks" tab). In the network preferences, add allow rules for: tcp:22 (if it does not exist), tcp:9700, tcp:17619. 17619 here is a variable - change it to any port you like (range is 9075-65534). You only need 3 rules and 2 default routes, nothing else.
  • Go to "Create Compute Engine instance", click "Show advanced options", allow ports forwarding, select location of the server.
  • Now (when you've selected the location), add a static IP to the server.
  • Select the Ubuntu 14.04 image (exactly this version).
  • Create the instance.
  • Connect via SSH (the easiest way is to use the in-browser tool from the GCE panel).
  • sudo su
  • apt-key update && apt-get update && apt-get -y upgrade && apt-get -y install python-software-properties && apt-get -y install software-properties-common && add-apt-repository -y ppa:pritunl && apt-get update && apt-get -y install pritunl
  • In browser open https://instance_ip:9700
  • On question about DB, click "Save"
  • In login window, use pritunl as username and password
  • Now change username and password of admin user
  • Add organization, then 2 users (for desktop and mobile)
  • Click "Add server" in "Servers" tab
  • Use the port number from the first step (17619 as an example) and the tcp protocol.
  • Attach organization to server
  • Start server
  • In "Users" tab download keys for both users (tar archives with ovpn files inside).
I use Viscosity for OS X and OpenVPN Connect for iOS as clients. In Viscosity, turn on the "Send all traffic over VPN connection" option in the "Networking" tab.
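To check that the network from the first step really carries only the three rules (tcp:22, tcp:9700 and the VPN port), the following added example, which is not part of the original how-to, audits a rule list shaped like the JSON output of `gcloud compute firewall-rules list --format=json`. The sample rules and their names are constructed, and the extra finding for tcp:22 and tcp:9700 being reachable from 0.0.0.0/0 is this example's own hardening assumption, not a requirement from the post.

```python
import json

# Constructed sample, shaped like `gcloud compute firewall-rules list --format=json`
# output (Compute Engine firewall resource fields: name, sourceRanges, allowed[]).
SAMPLE_RULES = json.loads("""[
 {"name": "vpn-ssh", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "vpn-admin", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["9700"]}]},
 {"name": "vpn-data", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["17619"]}]},
 {"name": "leftover", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["3000-3010"]}]}
]""")

ADMIN_PORTS = {22, 9700}        # SSH and the Pritunl web console (ports from the post)
VPN_PORT_RANGE = (9075, 65534)  # range the post gives for the VPN port


def expand(spec):
    """Turn a GCE port spec ("22" or "3000-3010") into an inclusive (lo, hi) pair."""
    lo, _, hi = spec.partition("-")
    return int(lo), int(hi or lo)


def audit(rules, vpn_port):
    """Return (rule name, finding) pairs for rules that differ from the post's setup."""
    findings = []
    if not VPN_PORT_RANGE[0] <= vpn_port <= VPN_PORT_RANGE[1]:
        findings.append(("-", f"VPN port {vpn_port} outside {VPN_PORT_RANGE}"))
    wanted = ADMIN_PORTS | {vpn_port}
    for rule in rules:
        # Only an explicit 0.0.0.0/0 source range is treated as world-open here.
        world = "0.0.0.0/0" in rule.get("sourceRanges", [])
        for allow in rule.get("allowed", []):
            proto = allow.get("IPProtocol")
            # A missing "ports" key means every port of that protocol is allowed.
            for spec in allow.get("ports", ["0-65535"]):
                lo, hi = expand(spec)
                extra = proto != "tcp" or any(p not in wanted for p in range(lo, hi + 1))
                if extra:
                    findings.append((rule["name"], f"unexpected {proto}:{spec}"))
                elif world and lo in ADMIN_PORTS:
                    findings.append((rule["name"], f"{proto}:{spec} open to 0.0.0.0/0"))
    return findings


if __name__ == "__main__":
    print(*audit(SAMPLE_RULES, vpn_port=17619), sep="\n")
```

On the constructed sample this reports the leftover 3000-3010 rule and flags the SSH and admin-console rules as world-reachable; the VPN port itself is expected to be open to clients and is not flagged.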
