I like OpenVPN, it is free, moderately secure, low overhead, and now with container technology, I total snap to setup in the cloud. Many DD-WRT and Open-WRT based routers support OpenVPN out of the box as well making it a good choice for personal use.
I’m here in a coffee shop in Vietnam using my OpenVPN docker instance presently and it’s been working swimmingly. Also used it in Texas, Idaho and Mexico without issue.
After congress voted in March 2017 along party lines to allow the collection and sale of your internet browsing history (previously banned) I decided to look in to OpenVPN again. OpenVPN can be a bit of a hassle to setup on a local server behind a firewall, but hosted in the cloud is relatively easy. I moved my linode over to their German datacenter (Germany has awesome privacy laws) and spun up a VPN server in just minutes using docker.
This is what I ended up doing as a simple trial. It’s worked so well so far I haven’t had any reason to change things.
Going here and following the quick start instructions is pretty easy:
docker pull kylemanna/openvpn
# generate config server file
docker run -v $OVPN_DATA:/etc/openvpn –rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM
docker run -v $OVPN_DATA:/etc/openvpn –rm -it kylemanna/openvpn ovpn_initpki
# start server process
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp –cap-add=NET_ADMIN kylemanna/openvpn
# generate client cert
docker run -v $OVPN_DATA:/etc/openvpn –rm -it kylemanna/openvpn easyrsa build-client-full CLIENTNAME nopass
# get openVPN config file (with above client cert embeddded)
docker run -v $OVPN_DATA:/etc/openvpn –rm kylemanna/openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
Then just cat out your CLIENTNAME.ovpn file to your client and away you go. Right now I’m at 178 days uptime and it’s been nothing but flawless. As always you should update your VPN software periodically to keep up with security fixes.