{"id":92,"date":"2018-03-10T04:27:43","date_gmt":"2018-03-10T04:27:43","guid":{"rendered":"http:\/\/cloudygeek.com\/?p=92"},"modified":"2019-02-24T05:17:31","modified_gmt":"2019-02-24T05:17:31","slug":"gcp-vpn-server","status":"publish","type":"post","link":"https:\/\/cloudygeek.com\/?p=92","title":{"rendered":"GCP &#8211; Install a VPN server (for client access) on Google Compute Engine"},"content":{"rendered":"<p><strong>** This needs to be updated. Stay tuned&#8230;<\/p>\n<p>REQUIREMENTS:<\/strong><\/p>\n<ul>\n<li>You know how to spin up a Compute Engine instance<\/li>\n<li>You are familiar with linux<\/li>\n<li>You have no time to read lengthy how-tos &#8211; this build took me 15 minutes<\/li>\n<\/ul>\n<p><strong>USE CASE:<\/strong><\/p>\n<ul>\n<li>I like taking advantage of free wifi (sbux, friends, etc) but want to keep my traffic encrypted.<\/li>\n<li>I prefer to use the native mac vpn client<\/li>\n<\/ul>\n<p><!--more--><\/p>\n<p><strong>HOW TO BUILD THE VPN SERVER:<\/strong><\/p>\n<p>I found an amazing article from 2014 &#8211; and it still worked with a few updates using StrongSwan.<\/p>\n<p>Thank you! &#8211;&gt; <a href=\"https:\/\/greenido.wordpress.com\/2014\/08\/10\/install-a-vpn-server-on-google-compute-engine\/\">https:\/\/greenido.wordpress.com\/2014\/08\/10\/install-a-vpn-server-on-google-compute-engine\/<\/a><\/p>\n<p>1)\u00a0 \u00a0In Compute Engine, create an instance &#8211; use <strong><em>small<\/em><\/strong>, <em><strong>Debian GNU\/Linux 8 (jessie)<\/strong><\/em>, and allow <em><strong>HTTP\/HTTPS traffic<\/strong><\/em><\/p>\n<p>2)\u00a0 Create a new Firewall rule<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-103\" src=\"http:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/fwrule-1-300x296.png\" alt=\"\" width=\"300\" height=\"296\" srcset=\"https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/fwrule-1-300x296.png 300w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/fwrule-1-100x100.png 100w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/fwrule-1.png 412w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>3)\u00a0 Ssh to your new instance and &#8220;sudo su&#8221; to run as root<\/p>\n<p><span style=\"font-size: 1rem;\">4)\u00a0 Download install script from\u00a0<\/span><a style=\"font-size: 1rem;\" href=\"https:\/\/gist.github.com\/Stella-C\/45389e7cf391a9e52089bfb5088bf34a#file-gcp-deb8-vpn-install-sh\">https:\/\/gist.github.com\/Stella-C\/45389e7cf391a9e52089bfb5088bf34a#file-gcp-deb8-vpn-install-sh<\/a><\/p>\n<p>5)\u00a0 Fix permissions of script &#8211;&gt; $<em>chmod +x\u00a0gcp-deb8-vpn-install.sh<\/em><\/p>\n<p>6)\u00a0 Update script by updating the values for:<br \/>\nIPSEC_PSK<br \/>\nVPN_USER<br \/>\nVPN_PASSWORD<br \/>\nPRIVATE_IP<br \/>\nPUBLIC_IP<br \/>\nIP_RANGE<br \/>\nINTERNAL_NET<\/p>\n<p>7)\u00a0 Run the script &#8211;&gt; $<em>.\/gcp-deb8-vpn-install.sh<\/em><\/p>\n<p>8)\u00a0 Logs can be viewed by &#8211;&gt; $<em>tail -f \/var\/log\/auth.log<br \/>\n&#8211;&gt; $tail -f \/var\/log\/syslog.log\u00a0<\/em><\/p>\n<p><strong>HOW TO SET UP YOUR MAC OS:<\/strong><\/p>\n<p>1)\u00a0 Create a new network &#8211;&gt; VPN &#8211; L2TP over IPSec<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-109\" src=\"http:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac1-300x259.png\" alt=\"\" width=\"300\" height=\"259\" srcset=\"https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac1-300x259.png 300w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac1-768x664.png 768w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac1-1024x885.png 1024w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac1.png 1074w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>2)\u00a0 Add PUBLIC_IP and VPN_USER info:<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-111\" src=\"http:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac2-1-300x249.png\" alt=\"\" width=\"300\" height=\"249\" srcset=\"https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac2-1-300x249.png 300w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac2-1-768x637.png 768w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac2-1.png 830w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>3)\u00a0 In Authentication Settings, add VPN_PASSWORD and IPSEC_PSK and hit OK<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-112\" src=\"http:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac3-297x300.png\" alt=\"\" width=\"297\" height=\"300\" srcset=\"https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac3-297x300.png 297w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac3-100x100.png 100w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac3.png 744w\" sizes=\"(max-width: 297px) 100vw, 297px\" \/><\/p>\n<p>4)\u00a0 In Advanced Settings, check send all traffic over VPN<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-113\" src=\"http:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac4-300x172.png\" alt=\"\" width=\"300\" height=\"172\" srcset=\"https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac4-300x172.png 300w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac4-768x441.png 768w, https:\/\/cloudygeek.com\/wp-content\/uploads\/2018\/03\/mac4.png 902w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>** This needs to be updated. Stay tuned&#8230; REQUIREMENTS: You know how to spin up a Compute Engine instance You are familiar with linux You have no time to read lengthy how-tos &#8211; this build took me 15 minutes USE CASE: I like taking advantage of free wifi (sbux, friends, etc) but want to keep &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/cloudygeek.com\/?p=92\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;GCP &#8211; Install a VPN server (for client access) on Google Compute Engine&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/cloudygeek.com\/index.php?rest_route=\/wp\/v2\/posts\/92"}],"collection":[{"href":"https:\/\/cloudygeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudygeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudygeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudygeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=92"}],"version-history":[{"count":28,"href":"https:\/\/cloudygeek.com\/index.php?rest_route=\/wp\/v2\/posts\/92\/revisions"}],"predecessor-version":[{"id":163,"href":"https:\/\/cloudygeek.com\/index.php?rest_route=\/wp\/v2\/posts\/92\/revisions\/163"}],"wp:attachment":[{"href":"https:\/\/cloudygeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=92"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudygeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=92"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudygeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=92"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}