Private Internet Access with OpenVPN: Difference between revisions

Install OpenVPN

apt -y install openvpn

Download PIA Config Files

wget https://www.privateinternetaccess.com/openvpn/openvpn.zip -O /tmp/openvpn.zip

Extract Config Files

unzip /tmp/openvpn.zip -d /opt/openvpn
cp /opt/openvpn/AU\ Sydney.ovpn /etc/openvpn/sydney.conf
cp /opt/openvpn/ca.rsa.2048.crt /opt/openvpn/crl.rsa.2048.pem /etc/openvpn/

Create Login File

vi /etc/openvpn/login

Add your username and password to this file. Line one is your username and line two is the password

p123456
asw34fds34

Secure login file

chmod 600 /etc/openvpn/login

Update the config file to use your username and password rather than prompting.

sed -i 's/auth-user-pass/auth-user-pass \/etc\/openvpn\/login/' /etc/openvpn/sydney.conf

Does the service run

openvpn --config /etc/openvpn/sydney.conf

Open another session and verify IP address

curl ifconfig.co

If all good enable services on startup. By default all VPN config files will start. If only using a single VPN then ignore these section.

systemctl disable openvpn
systemctl enable openvpn@sydney

If you have a public IPv6 address disable IPv6

cat >> /etc/sysctl.conf << EOF

#Disable public IPv6 address
net.ipv6.conf.all.disable_ipv6 = 1
EOF

If you want to set this device as a router so the other devices on your network can now use the VPN tunnel change the gateway on all your devces to look at this device and make the following changes.

To allow the device to NAT traffic over the VPN.

iptables -A POSTROUTING -o tun0 -s 192.168.1.0/24 -t nat -j MASQUERADE

Show Tables

iptables -t nat -nvL

Delete Tables

iptables -t nat -F

You may also be interested in SOCKS Proxy