VPN Abstracting For On The Fly IP Changing With HMA, PIA etc.
 Page :   [ 1 ]    [ 2 ]    [ 3 ]    [ 4 ]  

I was working on a project that required creating many accounts on a particular service with different IP addresses.  For the IP's I tested various things like VPN providers, VPS's with provisioned IP's, AWS instances etc.

The VPN providers had similar approaches allowing you to connect to various servers and provided you a list of IP's or domains to connect to.  At first I made an application for OSX that created, connected and disconnected a PPTP VPN and provided to it the aforementioned IP's.

It worked well but the networking always seemed to get screwed up on my computer whenever I brought the connection up and down many times.

I then thought perhaps a better approach would be to set up a server that I could establish a VPN connecion to from my computer and then I could instruct that server itself to establish a VPN connection to the HWA, PIA or whatever elses IP's.

This seemed to eliminate the networking issues on my computer as I only needed to establish a connection once to the server.

From my computer to the server I used L2TP over IPsec and the server to the other providers it was a PPTP connection as that was the easiest to deal with and seemingly the quickest to connect and disconnect.

For the purposes of this write up I am just going to deal with PIA (Private Internet Access).

The first thing was to get a list of all the IP's PIA makes available on its servers.  See this other article I wrote that explains this.

Then I set up a cheap VPS at Digital Ocean.  It was one of their 512MB Droplets with Debian 8.6 x64.

I just login as root so I don't have to always type sudo. :)

After logging in make sure everything is up to date and stuff is installed to compile some software.

apt-get update && apt-get upgrade

apt-get install build-essential -y

For the connection from my desktop I decided to use something called SoftEther which makes the setup for this part pretty simple.

Here's how to get, build and configure SoftEther.

mkdir /root/download
cd /root/download

wget http://www.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-v4.20-9608-rtm-2016.04.17-linux-x64-64bit.tar.gz

tar xvf softether-vpnserver-v4.20-9608-rtm-2016.04.17-linux-x64-64bit.tar.gz

cd vpnserver


answer YES to the 3 questions.

cd ..

mv vpnserver /usr/local

cd /usr/local/vpnserver

chmod 600 *
chmod 700 vpnserver
chmod 700 vpncmd

Create this file:


and put this in it:

# chkconfig: 2345 99 01
# description: SoftEther VPN Server
test -x $DAEMON || exit 0
case "$1" in
$DAEMON start
touch $LOCK
$DAEMON stop
rm $LOCK
$DAEMON stop
sleep 3
$DAEMON start
echo "Usage: $0 {start|stop|restart}"
exit 1
exit 0

Now do this:

mkdir /var/lock/subsys

chmod 755 /etc/init.d/vpnserver

/etc/init.d/vpnserver start

update-rc.d vpnserver defaults

cd /usr/local/vpnserver

Now it's time to configure softether.  I use the following easy to read server password, vpn user, vpn password just for the sake of this article.  You should change them to something more suitable.

#the main password for the server
#the credentials when establishing the L2TP over IPsec connection to the server

Now configure :

./vpncmd localhost:443 /SERVER /CMD ServerPasswordSet MY_SERVER_PASSWORD
./vpncmd localhost:443 /SERVER /ADMINHUB:VPN /PASSWORD:MY_SERVER_PASSWORD /CMD SecureNatEnable 

At this point you have a L2TP over IPsec proxy running and you can simply proxy through this to get to the internet.

However we are more interested in being able to also proxy through arbitrary other proxies (PIA, HMA etc).  So read on!


 (Page 1 of 4)