Before we hit to vanishing using IP Vanish. I have been trying out different tools and utilities over the past year but, unfortunately have not been spending time on sharing it. It’s almost a year, since I put up my last post. I was busy, but also had a lack of commitment from my side, and made countless excuses for not putting up the posts.
I have pulled myself up again and make myself responsible for ensuring that, there is a small writeup here every week. It’s not going to be easy but will give it a try and see how it goes.
Coming back to our topic. I have been trying to ensure security and privacy over internet for me and my loved ones. Have used and tried various VPN offerings, but have recently moved to IP Vanish. The service is good, it is economical, provides the necessary security. They also provide scripts, for connecting to the VPN tunnel for linux hosts.
The level of documentation provided on IP Vanish site is also good. The one thing found missing on the internet, was content mentioning, how IP Vanish can be configured for the home network, using a linux box. I had to do this because of an outdated router. It does not have a VPN configuration. Thought of sharing it here, just in case you are in the same boat. So, let’s Start
We will be performing the following steps
- Register for a new account with IP Vanish
- Install IP Vanish connection script
- Modify firewall rules to accept network packets and forward it to VPN tunnel
- Modify router configuration to use this linux machine as your gateway.
Register for a new account with IP Vanish
You can signup for a new account at https://signup.ipvanish.com/
After you have signed up and created a password, you can login to your account. If you visit the Server List you should be able to see the Configuration Options for OpenVPN and the list of Servers available
Install IP Vanish connection script
You can download the necessary script, to setup your version of linux from the following link https://www.ipvanish.com/vpn-setup/linux/#linux-setup
I am running CentOS 7 and I have used the OpenVPN file from the Fedora Setup. Once downloaded change to the ipvanish directory and run the command
./ipvanish-vpn-linux start
You will have to provide details like your username, password, the server which you wish to you to complete the startup process
Modify Firewall rules
If you are on CentOS 7 like me you just need one command and few rules to configure the firewall and routing. All below network configuration commands are to be run as a superuser
firewall-cmd --zone=external --add-interface=tun0 iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE iptables -A INPUT -i tun0 -j ACCEPT iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT
This will configure your system accept packets from your internal network, masquerade and forward it to tun0. The above command assumes that, tun0 is your active tunnel. You can actually verify the interface name by using
ip addr show
You may have to check if ip forwarding has been enabled by using
sysctl net.ipv4.ip_forward
The outcome of the command should be net.ipv4.ip_forward = 1. In case it is not you can do so by running
sysctl net.ipv4.ip_forward=1
Modify Router configuration
Modify your router dhcp configuration as shown above. Set the Default Gateway IP to the IP Address of the linux box on which you are running IP Vanish (192.168.0.100 for me). You can test the connectivity by manually setting your ip address and the gateway values on a laptop and testing if your connectivity works fine. Post this you can change the configuration on the router
You can visit https://www.whatismyip.com/ to ascertain that your network is indeed using the VPN Tunnel and to ensure you do not have any leaks
With this your entire network should be setup to use the VPN tunnel. Please feel free to drop in a note or ask in case you come across any issues. I may not respond right away, but will try to come back soon.
I am running my tunnelling on a Virtualized CentOS guest on Xen. You can read more about setting up Xen here
I will be back next week with a solution to block all the ads and improve your surfing experience .Until then, Happy hacking!!!