In this article we are going to run through the Debian, OpenVPN and Squid proxy software installation. In this tutorial we are installing it on a virtual machine in an ESXi environment but it can obviously be installed on any PC, virtual or otherwise. We are using a dual-core CPU with 2GB of RAM which is more than enough for a light-user proxy.
Let’s get started!
1. Download the netinstall iso, burn it to CD/DVD if necessary and boot. Run through the install and make sure to specify your static IP. You only need a minimal installation, no desktop manager so select the options as shown:
2. Once installed and logged in, update the apt repositories with apt-get update:
3. Install the OpenVPN software:
apt-get install openvpn
4. Install the dante software software:
apt-get install dante-server
Now we’re all installed, it’s time for the configuration.
In a previous series of articles we looked at how to use Squid Proxy to overcome the five devices maximum limit when subscribed to the PrivateInternetAccess VPN anonymising service. While this is useful when needing to browse anonymously, it doesn’t help when using other non-HTTP protocols e.g. FTP, SMTP, SSH so to that end we present this PrivateInternetAccess SOCKS Proxy tutorial.
To this end, we need to employ a SOCKS (sockets) proxy: A SOCKS proxy is a general purpose proxy server that establishes a TCP connection to another server on behalf of a client and then routes all the traffic back and forth between the client and the server. It works for any kind of network protocol on any port.
In this tutorial we will be building on parts of the previous tutorial but using the Dante SOCKS proxy instead of Squid.
dante – to proxy specific traffic or applications through the VPN
Our network diagram for this example is as follows:
The client is sitting on the 172.16.16.0 network and accessing the proxy in the DMZ 192.168.101.0 subnet. Outgoing traffic will then be routed out through the VPN interface (tun0) encrypted and anonymised.
If you find Netflix not working on your device – be it a PS3, PS4, Smart TV, Apple TV, Xbox, iPad, Android and so on then you may find the following will help! This experience was with BT as a broadband provider but may well be applicable to others – Talktalk, Virgin, EE etc. – if they offer some type of parental controls.
Your internet is connected and everything else is working, Netflix is the only problem. If you have delved into the logs you may find something like:
netflix server 1 connected
netflix server 2 and 3 not connected
You have probably tried one or more of the following:
a factory reset of your TV
a reboot of your router
changed your connection to wired in case it’s the wifi connection which is problematic
even changed to a different router (!)
rung Netflix who have advised you to ring your ISP
rung your ISP only to be told to ring Netflix
If you have BT’s “Parental Controls” enabled then you will not be able to resolve addresses unless you (i.e. your router) are using BT’s DNS servers – change your DNS server on your router to something else and your connections will die very quickly.
Turn off BT Parental Controls – preferably permanently if you can. Should you just disable them temporarily then they may come back and bite you in the future – every time BT updates their controls they seem to be turned on again by default.
Turning off BT Parental Controls temporarily
Should you wish to turn off your BT Parental Controls at any time there’s a simple way to do this whilst keeping your settings, should you wish to reactivate Parental Controls. Here’s how: