Cagey Posted July 4, 2017

I appreciate your video tutorials and I like the LAN Turtle, so much that I ordered one to try... I used your idea to install a couple of OpenVPN "road warrior" installations on VMware Servers to reduce the number of open ports to run a Windows Server, a Linux (Mint XFCE) running the OpenVPN, and the DELL DRAC. Recently, I tried the same type of OpenVPN install on an Ubuntu Server on Amazon AWS, and there is no way in HELL that I can get it to work. For instance, there is no device (eth0, eth1) that shows as a connection to the internet. There is no problem connecting to the OpenVPN gateway/server... but I cannot see anything else on the "local" network. The OpenVPN-AS (access server) works fine... for two users, but the "free" version cannot be made useful. Please write to me and consider a video on the alternative, free option/s.

Keith Gray +61419895353 keithgrayaus@yahoo.com.au

digip Posted July 4, 2017

Possible they don't use eth0 naming conventions and use enp0s25## because of systemd? You'd have to ifconfig to see them, and have root priv to see the interfaces, or "sudo ifconfig -a". If you can control grub on the boot of these AWS machines, you can add a line to the boot config that renames them to something familiar like eth0, etc. Something like:

GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 biosdevname=0"

added to the grub config on boot so they don't take systemd naming convention from the bios.
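
Added example, not part of digip's post or of any project named in the thread: rather than assuming the uplink is called eth0, look up which interface holds the default route. The function reads a table in /proc/net/route format; the sample table and its interface names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): pick the uplink interface by routing
# table instead of by name, so it works for eth0, ens5, enp0s25, ...

# default_iface [FILE]
# FILE is a table in /proc/net/route format (default: /proc/net/route,
# "-" for stdin). Prints the interface of the default route with the lowest
# metric; returns 1 when no default route is up.
default_iface() {
    awk '
        NR == 1 { next }                    # header row
        # $2 destination and $8 mask are hex; all-zero means 0.0.0.0/0.
        # $4 flags are hex; an odd last digit means RTF_UP (0x1) is set.
        $2 == "00000000" && $8 == "00000000" &&
        index("13579BDF", toupper(substr($4, length($4)))) > 0 {
            if (best == "" || $7 + 0 < metric) { best = $1; metric = $7 + 0 }
        }
        END { if (best == "") exit 1; print best }
    ' "${1:-/proc/net/route}"
}

# Constructed sample: a VPN tunnel plus two default routes; ens5 has the
# lower metric, so it is the interface that carries internet traffic.
default_iface - <<'EOF'
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
tun0 0000080A 00000000 0001 0 0 0 00FFFFFF 0 0 0
enp0s25 00000000 0101A8C0 0003 0 0 600 00000000 0 0 0
ens5 00000000 01001FAC 0003 0 0 100 00000000 0 0 0
EOF
```

On a live host, calling `default_iface` with no argument reads /proc/net/route directly.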

zenware Posted July 4, 2017

So I'm not sure what you mean by "local" network, but Amazon has a notion of "Private Subnets" which basically allows networking between instances on the same availability zone without your communication having to make its way back to the public internet and then back into the data center first. It's something non-trivial you have to configure. So if your goal is to VPN so you can access other machines in your Amazon network like they are local to the VPN client, then that's the route to go.

datajumper Posted July 9, 2017

Have you tried vpnbook (google it)? All you do is download the certificate pack; the password is on the web site where you download it. Once you download it, just extract it and choose which port you want to use. There's a few in that folder, like udp25000, udp443, udp80, just pick which one you want. I am using udp25000. Open a terminal, sudo su or sudo -s, then it's as simple as openvpn --config udp25000"file". Just type openvpn --config, then drag and drop that file in your terminal. Once it's started just minimize it; you close the terminal, you kill your vpn. But it works and it's free. The only downside is it doesn't support peer to peer downloading, for example torrents, bit torrent client, pirate bay "example lol". But if you are just wanting a good vpn, here you go man : ) Just download one of the certificate bundles. I actually alternate between the euro one and the US one lol. If you need help, holler : ) https://www.vpnbook.com/freevpn

digip Posted July 9, 2017

2 hours ago, datajumper said:

> Have you tried vpnbook (google it)? All you do is download the certificate pack; the password is on the web site where you download it. Once you download it, just extract it and choose which port you want to use. There's a few in that folder, like udp25000, udp443, udp80, just pick which one you want. I am using udp25000. Open a terminal, sudo su or sudo -s, then it's as simple as openvpn --config udp25000"file". Just type openvpn --config, then drag and drop that file in your terminal. Once it's started just minimize it; you close the terminal, you kill your vpn. But it works and it's free. The only downside is it doesn't support peer to peer downloading, for example torrents, bit torrent client, pirate bay "example lol". But if you are just wanting a good vpn, here you go man : ) Just download one of the certificate bundles. I actually alternate between the euro one and the US one lol. If you need help, holler : ) https://www.vpnbook.com/freevpn

All your data belong to whoever owns the VPN. The VPN people own your traffic, shape it, inject/read/mangle, in other words, pwn all your shit. You don't put a free VPN on a web property you own that you want protected. Especially if you can roll OpenVPN from an Amazon instance of your own already (as far as I know). This is true of any company VPN service for the most part, but free ones are like free proxies. Free ones usually exist for a reason, and that's usually not "free" at the end of the day. In the above instance, if he needs remote access to his own servers, he can roll his own OpenVPN setup on Amazon, or just SSH into the system if he can set up SSH, which is probably already enabled. He could also proxychain and forward over SSH his own little subnet that bridges the two networks securely, which would be way safer than a free VPN service, which would cause all his server traffic to be open to the VPN network.

datajumper Posted July 11, 2017

On 7/9/2017 at 0:14 PM, digip said:

> All your data belong to whoever owns the VPN. The VPN people own your traffic, shape it, inject/read/mangle, in other words, pwn all your shit. You don't put a free VPN on a web property you own that you want protected. Especially if you can roll OpenVPN from an Amazon instance of your own already (as far as I know). This is true of any company VPN service for the most part, but free ones are like free proxies. Free ones usually exist for a reason, and that's usually not "free" at the end of the day. In the above instance, if he needs remote access to his own servers, he can roll his own OpenVPN setup on Amazon, or just SSH into the system if he can set up SSH, which is probably already enabled. He could also proxychain and forward over SSH his own little subnet that bridges the two networks securely, which would be way safer than a free VPN service, which would cause all his server traffic to be open to the VPN network.

Oh wow man, I had no clue, I didn't know, I was using vpnbook with kali anonsurf = tor. With using tor, do you still think they looked at my data? Man, I want to learn more about this, and do you have a good guide for rolling your own vpn? Actually I'm going to research that right now. Thanx for the info, sincerely I appreciate it. Thanks again digip

digip Posted July 11, 2017

19 hours ago, datajumper said:

> Oh wow man, I had no clue, I didn't know, I was using vpnbook with kali anonsurf = tor. With using tor, do you still think they looked at my data? Man, I want to learn more about this, and do you have a good guide for rolling your own vpn? Actually I'm going to research that right now. Thanx for the info, sincerely I appreciate it. Thanks again digip

The "roll your own vpn" is for things like being on the road and using foreign wifi you don't control. You would use the VPN to get into your home network, and run your traffic over your home VPN/Proxy/SSH tunnel, so no one can see what you're doing. The benefit of a VPN, no socks proxy for browser only, so your email clients, Windows updates (or linux/mac, phone, etc) are all encrypted between you and your home network, while at a hotel, cafe, etc.

TOR is great to an extent, just don't log on to sensitive services unless tunneling over TOR. Fine for surfing and visiting dark web sites, but you're still at the mercy of the exit node unless encrypted to your destination. TOR is also nice if you need a quick proxy to test your home network, which you can nmap scan over proxychains at your external IP, and the traffic will go out, over tor, at your IP from the internet, and then back over TOR, so you see what everyone else would see more or less. This also allows you to pass tools like nmap over proxychains and through a TOR tunnel to another IP/Domain, just don't think you're 100% anonymous when doing it, you're still on a network others own, since you're proxying over other TOR users.

This brings up another issue, with being an exit node for others: if someone is attacking a bank/company/government site, sending child porn, etc, you could possibly be implicated and have your machine acquired by law enforcement if they want it for evidence. More rare, but happens - http://www.npr.org/sections/alltechconsidered/2016/04/04/472992023/when-a-dark-web-volunteer-gets-raided-by-the-police

Also, VPN's don't necessarily have to be your home machine. You can use your own hosted websites for this, and if you have something like a dedicated hosted cloud service that lets you install OpenVPN, even better. I use an SSH tunnel at times from my own domains when I'm on wifi I don't trust, and I used to use paid VPN's, but I also knew the owner of one that no longer is in service, which was for Military expats in Germany.