Amazon Web Services offer cloud based servers that allow a user to easily setup a remote Linux server and host a VPN to use an unfiltered Internet connection that can pass through a proxy if you use port 443. This script is from Rosehosting.com, I had to fix one line in it to get the Ethernet adapter of the machine it runs on, so I uploaded it to the pastebin to host this new version. Upload this script to your Amazon AWS instance and make it executable.
chmod +x vpn.sh
Then run this script as root.
This will go through the entire process of creating a VPN configuration with one client.ovpn file which you download to a client and use to connect to the VPN server. Once you are connected to the VPN, you may connect using the server IP.
Here is an example;
ssh -i VOIPSystemServer.pem firstname.lastname@example.org
This line in your iptables configuration is necessary for the routing to work properly.
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
Then you should be able to route all Internet traffic through your VPN.
This is what my iptables configuration looks like on my Amazon AWS instance.
[email protected]:~$ sudo iptables-save # Generated by iptables-save v1.4.21 on Thu Oct 23 23:24:56 2014 *filter :INPUT ACCEPT [3949772:556077068] :FORWARD ACCEPT [3995612:5433423511] :OUTPUT ACCEPT [4563664:5917631698] COMMIT # Completed on Thu Oct 23 23:24:56 2014 # Generated by iptables-save v1.4.21 on Thu Oct 23 23:24:56 2014 *nat :PREROUTING ACCEPT [5994:349922] :INPUT ACCEPT [234:12072] :OUTPUT ACCEPT [568:50233] :POSTROUTING ACCEPT [568:50233] -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Thu Oct 23 23:24:56 2014
I did not require a ta.key, I added one later, but it did not make too much difference. The configuration is secure, there are more tweaks though that can further increase VPN security. There is a document here: http://openvpn.net/index.php/open-source/documentation/security-overview.html. This contains a lot of information about the security of a VPN and how this works. But this script really does work. Run this on a test machine and you will see how easy it is to create a secure Virtual Private Network.