* VPN Thread *

GoogalyMoogaly · 3 Aug 2025 at 03:19

I tried to sign up for NordVPN using TopCashBack as they had a 95% cashback offer. But the purchase tracked at the wrong amount (lower) so I'm not getting the full amount (I realise VAT isn't included in the price cashback is paid on). I've raised a claim but it will take 1-3 months to sort out and I only have 31 days to cancel NordVPN. On top of this the estimate wait for a payout is 10 weeks!
So it looks like NordVPN is getting cancelled!

esmozz · 3 Aug 2025 at 07:08

I thought I'd throw this in here as a thought experiment. As a tech savvy but non technical person I asked chatgpt to tell me how to make my own VPN.
Apologies for the length of the post and I have no idea if chapGPT is actually correct in it's instructions. How do you ban this?

Edit: It hasn't copied across correctly but I'll leave it up as its idea of doing it that's the point of discussion.

Edit2: I should just point out this was in the context of another discussion and moved here - it wasn't my intention to start a detailed technical discussion on how to setup a VPN as I'm sure I could find that info here already.

Can you give me detailed instructions on how to write and install a vpn in the cloud?

ChatGPT said:

Writing and installing a VPN (Virtual Private Network) in the cloud involves several steps, from setting up a virtual server to configuring the VPN software. Here's a comprehensive guide on how to do it, broken down into manageable sections:

Step 1: Set up a Cloud Instance

First, you need a virtual machine (VM) in the cloud where you will install the VPN server. Cloud providers like AWS, Google Cloud, and DigitalOcean offer easy ways to deploy these.

1.1

AWS: EC2 instances
Google Cloud: Google Compute Engine
DigitalOcean: Droplets
Azure: Virtual Machines

For this example, I'll assume you're using AWS (but the steps are similar for other providers).

1.2

Sign in to AWS Console and go to the EC2 Dashboard.
Click Launch Instance and choose an OS (e.g., Ubuntu).
Choose an instance type (e.g., t2.micro for light usage).
- VPC/Subnet: Leave default for now.
- Security Group: Create or select an existing security group with the necessary ports open (usually UDP 1194 for OpenVPN).
Review and launch the instance.

1.3

Download the .pem file for SSH access.
Open a terminal on your local machine and run:

bash
CopyEdit
chmod 400 path-to-your-pem-file.pem ssh -i path-to-your-pem-file.pem ubuntu@your-ec2-public-ip

Step 2: Install VPN Software

Now that you have a cloud instance, you need to install the VPN server software. Let's go with OpenVPN, a popular, open-source solution.

2.1

Update and upgrade the server:

bash
CopyEdit
sudo apt-get update && sudo apt-get upgrade -y
Install OpenVPN and Easy-RSA (a tool to manage certificates):

bash
CopyEdit
sudo apt-get install openvpn easy-rsa -y
Set up the Easy-RSA environment:

bash
CopyEdit
make-cadir ~/openvpn-ca cd ~/openvpn-ca
Configure Easy-RSA variables:
Edit the vars file:

bash
CopyEdit
nano vars 
Modify the following lines to match your organization:

arduino
CopyEdit
export KEY_COUNTRY="US" export KEY_PROVINCE="CA" export KEY_CITY="San Francisco" export KEY_ORG="MyVPN" export KEY_EMAIL="[email protected]"
Build the certificate authority (CA):

bash
CopyEdit
source vars ./clean-all ./build-ca
Generate the server certificate and key:

bash
CopyEdit
./build-key-server server
Generate Diffie-Hellman parameters:

bash
CopyEdit
./build-dh
Generate the HMAC key:

bash
CopyEdit
openvpn --genkey --secret keys/ta.key
Copy the server keys and certificates:

bash
CopyEdit
cd ~/openvpn-ca/keys sudo cp ca.crt server.crt server.key ta.key dh2048.pem /etc/openvpn

Step 3: Configure the OpenVPN Server

Now, you’ll configure OpenVPN to actually handle VPN connections.

3.1

bash
CopyEdit
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/ sudo gzip -d /etc/openvpn/server.conf.gz

3.2

bash
CopyEdit
sudo nano /etc/openvpn/server.conf 
Make the following changes:

Uncomment and modify proto if needed (usually UDP):

nginx
CopyEdit
proto udp
Set the port to 1194 (default for OpenVPN):

yaml
CopyEdit
port 1194
Set the server directive to match your desired VPN subnet:

nginx
CopyEdit
server 10.8.0.0 255.255.255.0
Enable IP forwarding by uncommenting this line:

perl
CopyEdit
push "redirect-gateway def1 bypass-dhcp"
Enable DNS forwarding:

perl
CopyEdit
push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4"

3.3

Edit the sysctl configuration:

bash
CopyEdit
sudo nano /etc/sysctl.conf 
Uncomment the following line:

ini
CopyEdit
net.ipv4.ip_forward=1 
Apply the changes:

bash
CopyEdit
sudo sysctl -p

3.4

If you're using UFW (Uncomplicated Firewall), allow OpenVPN traffic:

bash
CopyEdit
sudo ufw allow 1194/udp sudo ufw allow OpenSSH sudo ufw enable

Step 4: Start the OpenVPN Server

Now that everything is configured, start the OpenVPN service.

bash
CopyEdit
sudo systemctl start openvpn@server sudo systemctl enable openvpn@server 
Check the status:

bash
CopyEdit
sudo systemctl status openvpn@server

Step 5: Create Client Configuration Files

Generate client certificates:

bash
CopyEdit
./build-key client1 
- Set the remote directive to your server’s public IP or domain:
 
 yaml
 CopyEdit
 remote your-server-ip 1194 
- Add the paths to the certificates:
 
 vbnet
 CopyEdit
 <ca> -----BEGIN CERTIFICATE----- (insert ca.crt contents here) -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- (insert client.crt contents here) -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- (insert client.key contents here) -----END PRIVATE KEY----- </key> <tls-auth> -----BEGIN OpenVPN Static key V1----- (insert ta.key contents here) -----END OpenVPN Static key V1----- </tls-auth>

Step 6: Connect the Client to the VPN

To connect the client:

Install the OpenVPN client on your local machine.
Import the .ovpn file into the OpenVPN client.
Start the connection, and it should connect to your cloud-based VPN server.

Step 7: Testing and Troubleshooting

Ensure the server is running:

bash
CopyEdit
sudo systemctl status openvpn@server
Check firewall rules to ensure nothing is blocking traffic.
Verify client connection using:

bash
CopyEdit
sudo journalctl -u openvpn@server

Optional: Using Docker for OpenVPN

If you'd prefer to use Docker for easier management, there's a ready-made OpenVPN container:

Run OpenVPN Docker container:

bash
CopyEdit
docker run -d -p 1194:1194/udp --name openvpn --cap-add=NET_ADMIN kylemanna/openvpn
Generate configuration files:

bash
CopyEdit
docker run -v /your/config/folder:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://YOUR_SERVER_IP docker run -v /your/config/folder:/etc/openvpn --rm kylemanna/openvpn ovpn_initpki
Start the container:

bash
CopyEdit
docker start openvpn

Final Thoughts

Security: Always ensure you're using strong certificates and keys. Update the VPN software regularly.
Monitoring: Use logging and monitoring tools to keep track of VPN activity.
Scaling: If you plan to scale, you might want to use cloud load balancers or VPN clusters.

This guide provides you with the basic steps for setting up OpenVPN on a cloud server. Feel free to modify the steps based on your specific needs (e.g., scaling, multi-server setups, etc.).

Disco_P · 3 Aug 2025 at 09:36

GoogalyMoogaly said:
I tried to sign up for NordVPN using TopCashBack as they had a 95% cashback offer. But the purchase tracked at the wrong amount (lower) so I'm not getting the full amount (I realise VAT isn't included in the price cashback is paid on). I've raised a claim but it will take 1-3 months to sort out and I only have 31 days to cancel NordVPN. On top of this the estimate wait for a payout is 10 weeks!
So it looks like NordVPN is getting cancelled!

Well how much would it have been assuming the cashback paid out and inc VAT?

VPN's pay for themselves for me through the savings they enable

GoogalyMoogaly · 3 Aug 2025 at 11:01

Disco_P said:
Well how much would it have been assuming the cashback paid out and inc VAT?

VPN's pay for themselves for me through the savings they enable

The difference is about £10 cashback.
Also the terms weren't super clear so I'm not sure if there were restriction on the package I could sign up for and I may have gone for the wrong one, so I'm worried that even though the transaction is pending that it won't go through.

I'm not sure that a VPN would save me any money, I just though it might be useful to get one if it was cheap. But if the cashback isn't as much as I thought and given the hassle and uncertainty around cashback I'm not sure it's worth it.

mark43 · 3 Aug 2025 at 16:36

GoogalyMoogaly said:
The difference is about £10 cashback.
Also the terms weren't super clear so I'm not sure if there were restriction on the package I could sign up for and I may have gone for the wrong one, so I'm worried that even though the transaction is pending that it won't go through.

I'm not sure that a VPN would save me any money, I just though it might be useful to get one if it was cheap. But if the cashback isn't as much as I thought and given the hassle and uncertainty around cashback I'm not sure it's worth it.

It states this in the terms "Cashback is calculated based on the cost of the basic VPN package cost and does not include the value of any added extras or add ons."

So if you've gone for one of the higher packages that could explain why you are seeing a lower amount than you expect, cashback will be based on whatever the cost of the basic package is. The amount of time it takes for payout is pretty standard for most cashback on there.

GoogalyMoogaly · 3 Aug 2025 at 17:00

mark43 said:
It states this in the terms "Cashback is calculated based on the cost of the basic VPN package cost and does not include the value of any added extras or add ons."

So if you've gone for one of the higher packages that could explain why you are seeing a lower amount than you expect, cashback will be based on whatever the cost of the basic package is. The amount of time it takes for payout is pretty standard for most cashback on there.

I first read "basic" to mean that you only got cashback on the package you selected not any add-ons. On the NordVPN sign-up page Basic has a capital letter as it's the name of the package, but in the "Terms" on TopCashBack it has a lowercase b, thus suggesting they're not using it as a name.
Currently the amount being tracked is more than the Basic package costs, so I'm not sure what they're tracking it based on.
I'll give it a bit of time to see if anything gets sorted out, but will probably just cancel NordVPN within the 30 days and get my full refund.

I feel TopCashBack need to be more specific if the cashback relies on purchasing specific products that they clearly point out which products it applies to.

mark43 · 3 Aug 2025 at 17:20

GoogalyMoogaly said:
I first read "basic" to mean that you only got cashback on the package you selected not any add-ons. On the NordVPN sign-up page Basic has a capital letter as it's the name of the package, but in the "Terms" on TopCashBack it has a lowercase b, thus suggesting they're not using it as a name.
Currently the amount being tracked is more than the Basic package costs, so I'm not sure what they're tracking it based on.
I'll give it a bit of time to see if anything gets sorted out, but will probably just cancel NordVPN within the 30 days and get my full refund.

I feel TopCashBack need to be more specific if the cashback relies on purchasing specific products that they clearly point out which products it applies to.

Yeah, I'm not really sure tbh. I took it to mean that you could buy any package but that you would get cashback based on the price of the basic package, and that when it mentions not including other addons that was referring to some of the other additional things you can add, such as a dedicated IP for example. I agree the amount is odd though, I purchased the plus package and my cashback has been based on a purchase price of £71.06, which is somewhere between basic and plus.

I guess you could always query with their support, though cancelling if you're worried you won't get it could be the way to go. I think it will likely payout, but the rule with cash back is you should never really rely on getting it.

GoogalyMoogaly · 3 Aug 2025 at 17:48

mark43 said:
Yeah, I'm not really sure tbh. I took it to mean that you could buy any package but that you would get cashback based on the price of the basic package, and that when it mentions not including other addons that was referring to some of the other additional things you can add, such as a dedicated IP for example. I agree the amount is odd though, I purchased the plus package and my cashback has been based on a purchase price of £71.06, which is somewhere between basic and plus.

I guess you could always query with their support, though cancelling if you're worried you won't get it could be the way to go. I think it will likely payout, but the rule with cash back is you should never really rely on getting it.

Yeah, ideally you'd just use cashback on something you were going to get anyway, but given the size of these cashback offers it was the only reason I decided to buy.

mattyg · 4 Aug 2025 at 13:18

MarkeR said:
What are you struggling with?

Also, check out the unifi thread in this forum.

Really, The whole set up process, But I've got access to NowTV for the moment via cyberghost so everyone is happy. I'll upgrade the USG when i get back home to a UDM or whatever is recommended by those that know.. I'll need to do it pretty handy when i get back or I'll forget until 2 days before I go away again..

Django x2 · 4 Aug 2025 at 20:45

All these simps basically trying to avoid just honestly stating that they want it for porn. Just built your own VPN, takes about 10 mins and is free.

ChrisD. · 4 Aug 2025 at 22:30

VPN companies rubbing their hands together, much like the influx of new users.

GodAtum · 5 Aug 2025 at 21:41

Django x2 said:
All these simps basically trying to avoid just honestly stating that they want it for porn. Just built your own VPN, takes about 10 mins and is free.

What's the best place though. If you want it to be outside the UK maybe on AWS EC2 or Hetzner?

ChrisD. · 5 Aug 2025 at 23:57

GodAtum said:
What's the best place though. If you want it to be outside the UK maybe on AWS EC2 or Hetzner?

Oracle Cloud free tier also an option.

Avalon · 6 Aug 2025 at 09:42

mattyg said:
Really, The whole set up process, But I've got access to NowTV for the moment via cyberghost so everyone is happy. I'll upgrade the USG when i get back home to a UDM or whatever is recommended by those that know.. I'll need to do it pretty handy when i get back or I'll forget until 2 days before I go away again..

Apologies if this isn’t possible in USG, but on UDM - either by the app or the web account - you could enable Teleport on the router, copy the invite link, then just download Wifiman on the client devices, paste the link and click Teleport. Subject to the bandwidth of the remote and local connection, you then appear to be at home.

MarkeR · 16 Aug 2025 at 08:48

Using my VPN that I get free with my usenet access, no matter where i choose to change my location to the ip always gets traced back to Holland, tried every city in America and Canada that is listed.

IP location website traces the ip back top holland instead of NA, well out of 10 traces it comes back with 9 to Holland.

Is it time to pay for another VPN, or does anyone have any advice?

I download the openvpn config and load it onto a spare asus router with wrt loaded onto it, which is then plugged into my 2nd LAN port of my unifi usg which allows me to keep it seperate from my main network, great for easy swapping my netflix or prime location (or it would be) on my TV..

Thanks

Sin_Chase · 17 Aug 2025 at 16:34

MarkeR said:
Using my VPN that I get free with my usenet access, no matter where i choose to change my location to the ip always gets traced back to Holland, tried every city in America and Canada that is listed.

IP location website traces the ip back top holland instead of NA, well out of 10 traces it comes back with 9 to Holland.

Is it time to pay for another VPN, or does anyone have any advice?

I download the openvpn config and load it onto a spare asus router with wrt loaded onto it, which is then plugged into my 2nd LAN port of my unifi usg which allows me to keep it seperate from my main network, great for easy swapping my netflix or prime location (or it would be) on my TV..

Thanks

Are you sure youR traffic is actually routing via the VPN?

MarkeR · 17 Aug 2025 at 19:36

Sin_Chase said:
Are you sure youR traffic is actually routing via the VPN?

Yup
100% through the vpn, tried Montreal and Toronto there. Taking the IP address from the VPN stats page on my router. Both times 2 out of the 10 repsonses from iplocation.net come back as Canada, the others come back as a few different states in the USA..

Guess you get what you pay for lol...

Noughtboy · Thursday at 16:13

Hello there hoping for some technical advice or corrections on my current thoughts.
In this hypothetical situation if I have a child who will be away from home 7 days every 14 days and he wished to make use of a streaming service that we subscribe to (lets say Netflix and Prime) whilst out of the house on a TV is this the setup to use?

Buy him a travel router similar to the GL.iNet GL-SFT1200 (Opal).

Onto this, I can load the login details for a VPN. This is where it gets more complex. I would assume, in this hypothetical scenario, that if he was to use one of those streaming services via a VPN whilst whilst travelling and we were at home on our usual VM IP address, it would flag something up?

If I am overthinking it, great and I can stop at the travel router and VPN.

However, I am thinking that I would need to buy another router for home, put the HUB 5 into modem mode and then install a VPN "tunnel" onto the new router. All of our home devices (phones, PC etc) would connect to this new wireless router using the VPN server and he would also have to log into (or connect to) that router, sort of as a default gateway, with his router whilst on the road so that we all use the same AP or possibly IP to connect to the streaming service.

Which is the option most likely?

TIA and apologies if I have mangled any technical terms.

NB

ChrisD. · Thursday at 19:03

You'll be lucky, most subscription services require location services to be enabled to watch, and they also block known VPN providers IPs/hostnames.

MarkeR · Thursday at 19:04

Netflix allows you to go travelling and have people watch at home as normal, as long as the device reconnects to the "home" internet within 30 days all will be good. Repeat as needed.

No idea about Prime, sorry.

I use my unifi USG to create a vpn that I can login into from anywhere, i'm sure other routers wil do the same job.

*** VPN Thread ***

ChatGPT said:​

Step 1: Set up a Cloud Instance​

1.1 ​

1.2 ​

1.3 ​

Step 2: Install VPN Software​

2.1 ​

Step 3: Configure the OpenVPN Server​

3.1 ​

3.2 ​

3.3 ​

3.4 ​

Step 4: Start the OpenVPN Server​

Step 5: Create Client Configuration Files​

Step 6: Connect the Client to the VPN​

Step 7: Testing and Troubleshooting​

Optional: Using Docker for OpenVPN​

Final Thoughts​