http://nickj.org/index.php?title=Setting_up_OpenVPN_for_free_Internet_access_in_airports,_hotels,_and_cafes&feed=atom&action=historySetting up OpenVPN for free Internet access in airports, hotels, and cafes - Revision history2024-03-29T15:52:29ZRevision history for this page on the wikiMediaWiki 1.22.6http://nickj.org/index.php?title=Setting_up_OpenVPN_for_free_Internet_access_in_airports,_hotels,_and_cafes&diff=3139&oldid=prevNickj: /* Setup beforehand */ fix overwrite of log due to using same file name twice.2008-10-13T06:56:53Z<p><span dir="auto"><span class="autocomment">Setup beforehand: </span> fix overwrite of log due to using same file name twice.</span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 06:56, 13 October 2008</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 94:</td>
<td colspan="2" class="diff-lineno">Line 94:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>verb 5</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>verb 5</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div># logging</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div># logging</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">status /var/</del>log<del class="diffchange diffchange-inline">/openvpn/rB.example.net.log</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>log /var/log/openvpn</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">log-append </del>/var/log/openvpn<del class="diffchange diffchange-inline">/rB.example.net.log</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></pre></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></pre></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>... and save.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>... and save.</div></td></tr>
</table>Nickjhttp://nickj.org/index.php?title=Setting_up_OpenVPN_for_free_Internet_access_in_airports,_hotels,_and_cafes&diff=3138&oldid=prevNickj: after testing last week, found currently not working - add warning note.2008-10-13T06:51:47Z<p>after testing last week, found currently not working - add warning note.</p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 06:51, 13 October 2008</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>'''Note: All this information is currently undergoing testing, and these instructions may be deleted or revised based on the outcome of this testing.'''</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>'''Note: All this information is currently undergoing testing, and these instructions may be deleted or revised based on the outcome of this testing.'''</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"><big><big><big>DOES NOT WORK</big></big></big>. Sorry! Will investigate this more when get more free time. Until then, please do not follow these directions unless you are prepared to troubleshoot & problem-fix extensively.</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">----</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>When you go to a airport, hotel, or cafe, frequently you will need to pay for net access, but DNS requests (port 53 UDP) are allowed. You can (potentially) use this to get free (but slow) internet access. You need to set this up before finding yourself in this situation, so it's probably only worth it if you travel frequently.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>When you go to a airport, hotel, or cafe, frequently you will need to pay for net access, but DNS requests (port 53 UDP) are allowed. You can (potentially) use this to get free (but slow) internet access. You need to set this up before finding yourself in this situation, so it's probably only worth it if you travel frequently.</div></td></tr>
</table>Nickjhttp://nickj.org/index.php?title=Setting_up_OpenVPN_for_free_Internet_access_in_airports,_hotels,_and_cafes&diff=3130&oldid=prevNickj: /* When you want to use it */2008-10-02T05:08:19Z<p><span dir="auto"><span class="autocomment">When you want to use it</span></span></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 05:08, 2 October 2008</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 120:</td>
<td colspan="2" class="diff-lineno">Line 120:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>On the client, do this when you're in your airport, hotel, or cafe:</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>On the client, do this when you're in your airport, hotel, or cafe:</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> sudo /etc/init.d/openvpn start</del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>When you are finished, and want your networking to go back to normal, do this on the client:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">* First, connect to the wireless or wired network</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">* Check you get an IP address back for this:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline"> ping google.com</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">* Then do:</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline"> sudo /etc/init.d/openvpn start</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">* </ins>When you are finished, and want your networking to go back to normal, do this on the client:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  sudo /etc/init.d/openvpn stop</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  sudo /etc/init.d/openvpn stop</div></td></tr>
</table>Nickjhttp://nickj.org/index.php?title=Setting_up_OpenVPN_for_free_Internet_access_in_airports,_hotels,_and_cafes&diff=3129&oldid=prevNickj: create page2008-10-02T05:04:05Z<p>create page</p>
<p><b>New page</b></p><div>'''Note: All this information is currently undergoing testing, and these instructions may be deleted or revised based on the outcome of this testing.'''<br />
<br />
When you go to a airport, hotel, or cafe, frequently you will need to pay for net access, but DNS requests (port 53 UDP) are allowed. You can (potentially) use this to get free (but slow) internet access. You need to set this up before finding yourself in this situation, so it's probably only worth it if you travel frequently.<br />
<br />
== Requirements ==<br />
You'll need:<br />
* A Linux machine that's permanently connected to the internet, with a static IP address. We'll call this the server.<br />
* A Linux machine (almost always a laptop) that wants internet access, and which can connect to a wifi or wired network, but which can only use port 53 UDP for free. We'll call this the client.<br />
* You, who wants internet access, usually for something small, like checking your email or reading a web page, for which paying $20 for 10 minutes of use strikes you as somewhat exorbitant.<br />
<br />
You can test whether you have port 53 UDP by pinging something, e.g.:<br />
ping google.com<br />
.. and if you get an IP address back for google.com, then you've most probably got port 53 UDP traffic allowed.<br />
<br />
== Setup beforehand ==<br />
<br />
Install openvpn on the server and client:<br />
sudo aptitude install openvpn<br />
<br />
Then, generate a static key on the server, and copy this key to the laptop:<br />
cd /etc/openvpn/<br />
openvpn --genkey --secret static.key<br />
rsync /etc/openvpn/static.key laptop:/etc/openvpn/<br />
<br />
Do on both server and client:<br />
sudo mkdir /var/log/openvpn<br />
sudo chown nobody.nogroup /var/log/openvpn<br />
<br />
Do on the server to allow forwarding traffic:<br />
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE<br />
<br />
On the client do:<br />
sudo nano /etc/openvpn/rA.example.net.conf<br />
<br />
... and paste in these contents:<br />
<pre><br />
# openvpn config for client p2p<br />
# clientp2p.conf<br />
#<br />
# address of the server<br />
remote server.whatever.org 53<br />
# set the door of communication on the door 1194<br />
proto udp<br />
port 53<br />
# assign to client 10.8.0.2 and to server the ip 10.8.0.1 <br />
ifconfig 10.8.0.2 10.8.0.1<br />
# level of detail for the log<br />
verb 5<br />
# assign tun like device for the vpn<br />
dev tun0<br />
# authentication file<br />
secret /etc/openvpn/static.key<br />
# creates a file of log<br />
log-append /var/log/openvpn/openvpn.log<br />
# compression<br />
comp-lzo<br />
# other options - no pinging, persistence, and user nobody for security:<br />
ping-restart 0<br />
nobind<br />
user nobody<br />
group nogroup<br />
persist-key<br />
persist-tun<br />
# make this our default gateway when it is running.<br />
redirect-gateway def1<br />
</pre><br />
<br />
... and replace "server.whatever.org" with the domain name or IP address of your server machine, and save.<br />
<br />
For the server, do this:<br />
sudo nano /etc/openvpn/server.whatever.org.conf <br />
<br />
... and paste in these contents:<br />
<pre><br />
port 53<br />
proto udp<br />
dev tun0<br />
comp-lzo<br />
# assign to server the ip 10.8.0.1 and to client 10.8.0.2<br />
ifconfig 10.8.0.1 10.8.0.2<br />
# authentication file<br />
secret /etc/openvpn/static.key<br />
push "redirect-gateway def1"<br />
ping-restart 0<br />
user nobody<br />
group nobody<br />
persist-key<br />
persist-tun<br />
# the type of detail of the log<br />
verb 5<br />
# logging<br />
status /var/log/openvpn/rB.example.net.log<br />
log-append /var/log/openvpn/rB.example.net.log<br />
</pre><br />
... and save.<br />
<br />
Then on the server, start this service and leave it running permanently:<br />
sudo /etc/init.d/openvpn restart<br />
<br />
== Testing if it works correctly ==<br />
<br />
First check the logs on the server:<br />
cat /var/log/openvpn/rB.example.net.log<br />
... and check that there are no serious looking errors, and rectify these if there are any.<br />
<br />
Then on the client, an easy way to test if it's working is compare a traceroute before and after. So do this on the client:<br />
sudo tracert telstra.com<br />
<br />
On the client do:<br />
sudo /etc/init.d/openvpn start<br />
<br />
Then see the "after" results:<br />
sudo tracert telstra.com<br />
... if it's working then the after will be different from the before - in particular, the first line will show "10.8.0.1" (i.e. our internet traffic is going via this IP address), and secondly the route will be longer (e.g. my tracert was 18 instead of 13 hops, i.e. the openvpn adds 5 extra hops).<br />
<br />
Once it's working, stop openvpn on the client:<br />
sudo /etc/init.d/openvpn start<br />
<br />
== When you want to use it ==<br />
<br />
On the client, do this when you're in your airport, hotel, or cafe:<br />
sudo /etc/init.d/openvpn start<br />
<br />
When you are finished, and want your networking to go back to normal, do this on the client:<br />
sudo /etc/init.d/openvpn stop</div>Nickj