VPN

IP Vanish for your home network

Before we get to vanishing with IP Vanish: I have been trying out different tools and utilities over the past year but, unfortunately, have not been spending time on sharing them. It’s been almost a year since I put up my last post. I was busy, but there was also a lack of commitment from my side, and I made countless excuses for not putting up the posts.

I have pulled myself up again and made myself responsible for ensuring that there is a small writeup here every week. It’s not going to be easy, but I will give it a try and see how it goes.

Coming back to our topic: I have been trying to ensure security and privacy over the internet for me and my loved ones. I have used and tried various VPN offerings, but have recently moved to IP Vanish. The service is good, it is economical, and it provides the necessary security. They also provide scripts for connecting to the VPN tunnel from Linux hosts.

The level of documentation provided on the IP Vanish site is also good. The one thing I found missing on the internet was content explaining how IP Vanish can be configured for the home network using a Linux box. I had to do this because of an outdated router that does not have a VPN configuration. I thought of sharing it here, just in case you are in the same boat. So, let’s start.

We will be performing the following steps:

  1. Register for a new account with IP Vanish
  2. Install the IP Vanish connection script
  3. Modify firewall rules to accept network packets and forward them to the VPN tunnel
  4. Modify the router configuration to use this Linux machine as your gateway

Register for a new account with IP Vanish

You can sign up for a new account at https://signup.ipvanish.com/

After you have signed up and created a password, you can log in to your account. If you visit the Server List, you should be able to see the Configuration Options for OpenVPN and the list of available servers.

Install IP Vanish connection script

You can download the script needed to set up your version of Linux from the following link: https://www.ipvanish.com/vpn-setup/linux/#linux-setup

I am running CentOS 7 and I have used the OpenVPN file from the Fedora Setup. Once it is downloaded, change to the ipvanish directory and run the command

./ipvanish-vpn-linux start

You will have to provide details like your username, your password and the server you wish to use to complete the startup process.

Modify Firewall rules

If you are on CentOS 7 like me, you just need one command and a few rules to configure the firewall and routing. All the network configuration commands below are to be run as a superuser.

firewall-cmd --zone=external --add-interface=tun0
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
iptables -A INPUT -i tun0 -j ACCEPT
iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT

This will configure your system to accept packets from your internal network, masquerade them and forward them to tun0. The above commands assume that tun0 is your active tunnel and eth0 is the interface facing your internal network (192.168.0.0/24). You can verify the interface names by using

ip addr show

You may have to check if ip forwarding has been enabled by using

sysctl net.ipv4.ip_forward

The output of the command should be net.ipv4.ip_forward = 1. If it is not, you can enable forwarding by running

sysctl net.ipv4.ip_forward=1

Modify Router configuration

Modify your router’s DHCP configuration as shown above. Set the Default Gateway IP to the IP address of the Linux box on which you are running IP Vanish (192.168.0.100 for me). You can test the setup first by manually setting the IP address and the gateway values on a laptop and checking that its connectivity works fine. After this, you can change the configuration on the router.

You can visit https://www.whatismyip.com/ to ascertain that your network is indeed using the VPN tunnel and to ensure you do not have any leaks.
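The browser check above can be complemented by a check on the gateway itself. The script below is an added example, not part of the IP Vanish scripts: it inspects the output of sysctl net.ipv4.ip_forward and ip route show and reports whether forwarded traffic would leave through the tunnel. The interface name tun0 comes from the commands above; the router address 192.168.0.1, the 10.8.0.x tunnel addresses and both route tables are constructed sample data.

```shell
#!/bin/bash
# Added example: offline sanity checks for the Linux VPN gateway.
# TUN=tun0 follows the post; all sample outputs below are constructed.
TUN=tun0

# forwarding_enabled "<output of: sysctl net.ipv4.ip_forward>"
forwarding_enabled() {
  v=${1##*=}          # keep what follows the last "="
  [ "${v# }" = "1" ]
}

# default_via_tunnel "<output of: ip route show>"
# Succeeds when default traffic leaves through $TUN: a default route on $TUN,
# or the 0.0.0.0/1 + 128.0.0.0/1 pair added by OpenVPN redirect-gateway def1.
default_via_tunnel() {
  printf '%s\n' "$1" | awk -v tun="$TUN" '
    { dev = ""; for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1) }
    $1 == "default"     && dev == tun { def = 1 }
    $1 == "0.0.0.0/1"   && dev == tun { lo = 1 }
    $1 == "128.0.0.0/1" && dev == tun { hi = 1 }
    END { exit !(def || (lo && hi)) }'
}

# gateway_status <sysctl output> <route table>: prints one verdict line.
gateway_status() {
  forwarding_enabled "$1" || { echo "FAIL: ip_forward is off"; return 1; }
  default_via_tunnel "$2" || { echo "FAIL: default route bypasses $TUN"; return 1; }
  echo "OK: forwarding on, default route via $TUN"
}

# Constructed route tables: tunnel up (def1 routes present) and tunnel down.
ROUTES_UP='0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.0.1 dev eth0 proto static metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.100'
ROUTES_DOWN='default via 192.168.0.1 dev eth0 proto static metric 100
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.100'

gateway_status 'net.ipv4.ip_forward = 1' "$ROUTES_UP"
gateway_status 'net.ipv4.ip_forward = 1' "$ROUTES_DOWN" || true
```

On the gateway, pass gateway_status the live output of sysctl net.ipv4.ip_forward and ip route show instead of the samples. Run it again after a reboot or a tunnel restart, since the firewall-cmd, iptables and sysctl commands above change only the running configuration.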

With this, your entire network should be set up to use the VPN tunnel. Please feel free to drop in a note or ask in case you come across any issues. I may not respond right away, but will try to come back soon.

I am running my tunnelling on a virtualized CentOS guest on Xen. You can read more about setting up Xen here

I will be back next week with a solution to block all the ads and improve your surfing experience. Until then, Happy hacking!!!