Head over to VULTR and spin up a cloud server with Ubuntu 16.04 using the $5/Month server option with 1000GB of bandwidth. Choose the region you want your IP to be in.
Use this code and get $20 credit after your first month (4 months free VPN service!): http://www.vultr.com/?ref=6949897-3B
Here’s a quick how to with copy and paste instructions: https://www.cyberciti.biz/faq/ubuntu-linux-install-pi-hole-with-a-openvpn/
Use Termux on your phone to scp the *.ovpn file from your server.
Once your OpenVPN is up and running, be sure to secure it:
Allow SSH (Highly recommended to change the default SSH port and use SSH keys for security):
# ufw allow ssh
Allow UDP traffic over port
# ufw allow 1194/udp Allow all from your private network.
# ufw allow from 10.8.0.0/24
The ufw forwarding policy needs to be set.
# vi /etc/default/ufw
DEFAULT_FORWARD_POLICY="DROP". This must be changed from DROP to ACCEPT. It should look like this when done:
Next we will add additional ufw rules for network address translation and IP masquerading of connected clients.
# vi /etc/ufw/before.rules
Make the top of your
before.rules file look like below. The area in red for OPENVPN RULES must be added:
# # rules.before # # Rules that should be run before the ufw command line added rules. Custom # rules should be added to one of these chains: # ufw-before-input # ufw-before-output # ufw-before-forward # # START OPENVPN RULES # NAT table rules *nat :POSTROUTING ACCEPT [0:0] # Allow traffic from OpenVPN client to eth0 -A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE COMMIT # END OPENVPN RULES # Don't delete these required lines, otherwise there will be errors *filter
# ufw enable
Enabling ufw will return the following prompt:
Command may disrupt existing ssh connections. Proceed with operation (y|n)?
y. The result will be this output:
Firewall is active and enabled on system startup
To check ufw’s primary firewall rules:
# ufw status