 Alright, this video is to walk you through an open VPN server install in a very automated way. So a lot of people maybe don't want to use some other third party VPN provider so they can protect them privacy from, you know, all the hops in between you and whoever you're spreading your VPN. And you're looking for a solution besides one of the commercial ones. You want to install it yourself. This script makes that really easy. So I'm going to leave the links below to the GitHub project that's on here. They actually have some suggestions for one of the VPN hosts you can use which is Bandwagon Host. I actually already have a line note account so I'm going to demo this in line note. But you can use your own home server for this. It just based on the script you need a CentOS Ubuntu or Debian distribution to run this on. So it's pretty diverse. Now I know a lot of times I do these on PF Sense but if you just wanted to have your own server spun up in a cloud hosted environment or at your house for example sleep on a VPN from somewhere else to your house this script will get you started really really fast all open source. And I you know not always the biggest fan of automagical scripts unless you can look at them because this one's open source like you can trust it that it's doing what it says it does and you can walk through everything here is this a fun way to learn how to set these up. We're going to choose a brand new line on servers. What I'm going to do is do this from scratch so to show you from loading the system which I'm not going to do a tutorial on how to load Linux hopefully I have other tutorials and some of that but this will get you started from once you have it loaded to what needs to be done to get it up and running. So we're going to pick our location and I'm in the U.S. in Detroit so we're going to choose London so it makes it really easy to see that I'm currently in Detroit with my P address and then we're going to get me over to London. So add this line node and if this process is going to vary a little bit from you know different systems. So I'm going to go out of here and give it a name real quick and PN demo. All right save changes now we're going to deploy an image and I'm I'm a big fan of Debian so that's the image we're going to do and I put my secret super secret password in here. All right now it is often running creating this and then once it's done we're going to boot it up and log into it. All right the system is all set up and running so I can just copy this IP address and paste it in over here to veteran typing. Yes and I'm going to put my super secret password in. Now at this point one of the things you may want to do is disable keyboard authenticated access because any time there's a SSH port open somewhere there's immediately bots hammering away at it so I will take a second to do that and I'll let you know put in here what I'm doing to secure this. So I know I can log into this I'm like great that works and I want to exit. So the first thing I do is push my public key over to this that way I can disable interactive login on here just a little side note that if you don't set a really secure password bots might guess it and they're hammering away at all these servers as they get spun up so probably keyboard authentication you should turn off. If you haven't used this once you have your key set up you can use SSH copy ID the password for there it's going to copy it over paste in the password for the last time pastes all right now it's done so now when I go SS clear this again and I SSH in it doesn't ask you for a password or it's using public key authentication and then you want to turn off keyboard authentication so that's here password authentication no there we go no more keyboard authentication logged in here for much of this you can skip that part that's up to you this is just a little security recommendation so you don't accidentally get one of your machines out here pwned so now let's go back to the script and talk about what it's going to do so here's the install script and it's the simple here W get a GPS get that a OSS VPN dash open VPN install SSH and then execute it and what it's going to do it's going to download this script which you can see here and run through all the options and the second part of this is first download the script script to W get and then bash execute the script so we'll go ahead and dump this whole command in I know someone's going to call me out and say don't copy and paste commands off of websites that's probably true because there's a whole lot of things bad that can happen but let's assume this is trusted you could just type this in my hand if you're concerned but for convenience of this demonstration we're going to paste this in and I'll show you what it does runs through install setup so which protocol do you want to use for open VPN connections UDP or TCP UDPs recommended so we'll leave that default port 1194 no problem current resolvers Google open DNS hurricane electric pair sign we're going to go ahead and put Google's DNS in there I trust them I like their DNS servers name of the client certificate we're going to call this LTS demo client that's all I need to set your open me and certain open VPN server now press any key to continue so I'm going to let this fly real quick take a second is going to go out there and get everything needed to make this happen this is going to pull all the files it needs all the different support libraries it needs to run open VPN server on this node now here it creates the keys because you have to generate a set of keys for this and now it's done literally that's it open VPN server is running up running enabled no problems now the important part now is you're going how do I connect to it and that's actually where this script gets clever even more that I'm a to kill list over here and there is the name of it LTS demo client dot o VPN that file is all I need to get this thing connected so let me show you the genius of this I'm gonna go ahead and open up a window over here so I can get that file over to my computer and we just need to SFTP to that address there so SFTP colon slash root at 139162 228.79 all right and there's our file the LTS demo client VPN so we're going to copy that and I just pasted it over here into home no big deal now this is a Caden Katie Enian that I'm running which is a one-to-base distribution devian back end so these commands work perfectly fine from there so what we're gonna do now is go back over here and we're gonna log out clear screen now all I had to do it was sudo apt to get install open VPN that's the only other command I did on this computer locally to get this to work which is already done so it would probably tell me it's the latest version already latest version now the important part here is that we use sudo so sudo open VPN space LTS demo client it autocompletes enter all right and this is what you see at the very end initialization sequence completed pretty straightforward we'll switch back over to a browser I like IP chicken I can always remember to it's easy from there is the IP address 139162 22879 which is the same as my live node 139162 22879 that's it that couple minutes of this video we have now run through set it up and executed so it's running here on the server in my cloud hosted server it is now my public IP addresses this and I've hidden my traffic via VPN from Comcast who's my normal provider here at my office and boom I'm surfing the web here so anywhere I go I think they can Geo IP look up and test my own IP address here there's the 139 I'm now in London as far as anyone's concerned now this works with like I said as long as you can get and I'm partial to devian but there's a couple others like sent to us that supported in a bunch who supported lots of different options for different places that have cloud hosting so you can get these connected and it's you know pretty easy to do and that script just takes care of it it creates the file you can run the script again if you want to make some changes to it and once it's installed you can go and manually edit the config files and change them to your liking but it's all you needed was that file now also let's do a speed test so let's go ahead and the Google one speed test run speed test see what happens here now this is the sacrifice you're going to make I have normally substantially more speed now actually run this before before I did this demo I did this before and there's a lot of variation in the numbers at least with the London service I did try the London one last time I did try the Singapore one and it was slower so this is going to be a limitation of what you have at your close hosted provider the other thing I've noticed is it varies a lot I actually took this on my laptop and had it running over the weekend and some places gave me much better speed than others which is kind of strange because it doesn't seem to correlate exactly to the speed tests with the non VPN so right here was my VPN speed test and we're going to go ahead and shut off the VPN and just hit control see we're going to cancel it and it says servers in London so it says my internet speed is slow latency is this so you know it thinks I'm in London so now we'll put speed tests in again and run it again back up to 50 which is what we're paying we're actually paying for a 50 meg circuit right now here and I'm getting the 50 meg circuit and it thinks I'm in Chicago I don't know why sometimes it shows Chicago sometimes it shows Detroit depending on where I do the speed test at but here it is again here now that and like I said this is going to vary based on even geolocation so if you have your VPN server here in the US and you're in the US if you have a geographic close to you it's going to go faster it does not take a lot of processing power to run the VPN on there and I'm going to actually show you that real quick so we'll go back over to here and start up our VPN again so just sudo open VPN and the name of it all right we're going to SSH back into here from another window I'm going to put H top on here so I think it looks better than just running top so here's the system I'll leave this in the background here and then we're going to go back over here and do the speed test so move the window down a little bit so of course at idle we're using like no CPU at all and I'll run the speed test over here in this one I'll cut it over to side a little bit and you can see the speed test now we're actually a little faster we did when we did it a second ago we're using like four percent of the processor power here and still the memory usage doesn't change we're using like 98 megs and for a reason we're getting faster uploads now and like I said this is something you're going to see some variations on there and that hit in spite this almost at 11 percent VPN not to mention my computer has other connections open like Google Drive and there's a whole litany of other things that are open right now so let's like do something like let's open Reddit so it's going to call all these different functions and still you can see our CPU at the top here hardly even moving to do any of that and if we open up something like a YouTube video which don't care for what I'm open so don't get some copyright claim jump over to YouTube which lots of connections going on here and no big deal it's not even really pulling any CPU so it's really not a processor issue at all it's all about just the networking throughput a lot of you're going to ask the next question so it obviously is super easy to do this on Linux now whether you're connecting a Linux box from the command line or something like mine here it's easy just to switch your IP address and on that IP address but you're probably going to say well Tom what about Windows because I need to run Windows for whatever reasons so let me show you how this works inside of Windows it's actually really easy to do all right so all they did was go over here and like I said I'll leave the links below to exactly where I went but this is the latest version as of November 2017 of open VPN 2.4 here is the Windows Vista and later installer so we're going to head and download that and we will just open it up real quick yep and next and yes our way through this the defaults are fine now when you open it it's going to tell you the user profile see users Tom open VPN config so what we got to do now is copy that same file that we had and copied over there all right now copy the file over to users Tom open VPN config so we're going to open up open VPN again and we're going to go to connect and it doesn't ask me any questions because if there's only one config file it only has one to connect to and it lets me know now connected and there's the same IP address that's all you have to do to get your Windows boxes on this VPN over the one I'm using here in line out or really any VPN this is a just that easy to do I've been really impressed with the script because it really is kind of a no brainer for doing this it's really easy to manage whether you're on Windows or on Linux and it's very little Linux knowledge needed to actually get this set up now the good thing is it's a great learning tool because if you wanted to walk through everything that the script did you can walk through the script and see all the settings in there and then you can actually edit these files yourself as well I'm going to shut this down and this will actually show you the details of what's in here so it's going to walk you through you can change any of these options as long as you match them on the server but you can see that this open VPN file has everything in here that you need to connect now I'm not maybe I'll do a separate video if there's interest in this obviously you can use this with your PF sense and put all these exact settings using this file not as a copy and paste of the file but back into PF sense so you can you know do the same thing I showed with PA how you can VPN your whole network or proxy it over to this pretty easily so this one here this quick demonstration it's really pretty easy to do in this script I'll get you started I've even seen a few people who do it on Raspberry Pi is we want to have a Raspberry Pi VPN server in their house for advertising expensive you map just one single port which is 1194 to the firewall and away you go you can have this inside your network and it will offer access inside your network or when you put it in a cloud server like this makes it really easy to change your IP address or to be that because you're tunneling all of your data through that connection so hopefully this was helpful if you like the content here like and subscribe you have questions leave them below but I'll put links to everything in here in the below and if you want to try hammering on the server by the time I publish this video I'll already have it destroyed so no big deal there because I noticed I did expose my certificate if someone wanted to actually do it so I realized that was a oops not that I cared that much I spin these up and destroy them for testing anyways all right thanks