Categories
Linux

Linux: PrivateInternetAccess Using OpenVPN and Squid Proxy – Part 1

This entry is part 1 of 4 in the series PrivateInternetAccess Using Squid Proxy and OpenVPN

PrivateInternetAccess Using OpenVPN and Squid Proxy – Introduction

This series of articles describes how to set up a VPN connection to PrivateInternetAccess using OpenVPN and squid proxy to share the VPN connection and overcome the 5 device limit on the PIA account.

We will be using:

  • Debian Wheezy netinstall ISO
    • webmin – to configure our server
    • OpenVPN – to create our VPN connection
    • squid proxy – to route specific traffic or applications through the VPN

Our network diagram for this example is as follows:

The client is sitting on the 172.16.16.0 network and accessing the proxy in the DMZ 192.168.101.0 subnet. Outgoing traffic will then be routed out through the VPN interface (tun0) encrypted and anonymised.

This series is organised as follows:

  1.  Installing Debian using the netinstall method and making sure we have the correct software installed
  2. Configuring squid proxy
  3. Installing and configuring OpenVPN to connect to the PrivateInternetAccess VPN
  4.  Final words

Enjoy and comments welcome!

 

Categories
Linux

Linux: PrivateInternetAccess Using OpenVPN and Squid Proxy – Part 2

This entry is part 2 of 4 in the series PrivateInternetAccess Using Squid Proxy and OpenVPN

PrivateInternetAccess Using OpenVPN and Squid Proxy – Software Installation

In this article we are going to run through the Debian, OpenVPN and Squid proxy software installation. In this tutorial we are installing it on a virtual machine in an ESXi environment but it can obviously be installed on any PC, virtual or otherwise. We are using a dual-core CPU with 2GB of RAM which is more than enough for a light-user proxy.

Let’s get started!

1. Download the netinstall iso, burn it to CD/DVD if necessary and boot. Run through the install and make sure to specify your static IP. You only need a minimal installation, no desktop manager so select the options as shown:

2. Once installed and logged in, update the apt repositories with apt-get update:

3. Install the Webmin software

  • Install the required dependencies:
  • apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
  • Answer “y” when prompted to download and debian will do the rest.
  • Download the webmin package and instal with dpkg:
  • dpkg -i webmin-current.deb:

4. Install the OpenVPN software:

  • apt-get install openvpn

5. Install squid proxy software:

  • apt-get install squid

Now we’re all installed, it’s time for the configuration.

Categories
Linux

Linux: PrivateInternetAccess Using OpenVPN and Squid Proxy – Part 3

This entry is part 3 of 4 in the series PrivateInternetAccess Using Squid Proxy and OpenVPN

PrivateInternetAccess Using OpenVPN and Squid Proxy – Squid Configuration

This article in the series walks us through using webmin and configure the squid proxy server to accept and forward connections for clients.

1. Access the interface on https://192.168.101.6:10000

2. On the left-hand side control panel, locate “Unused Modules,” expand this and scroll down to “Squid Proxy Server.” You will see the following error message – click on the circled link to adjust the module parameters:

3. Change all references to “squid3” to “squid” as shown in the circled fields below, click “Save” when finished.

4. As squid denies all connections by default, we need to allow users access. In this example we’re going to allow *all* users to access the proxy – you can of course create access lists based on users / groups etc. but that is beyond the scope of this tutorial. Click on the “Access Control” icon to continue.

Navigate to the “Proxy Restrictions” tab and click the “Deny” link next to “all”:

Now simply change the “Deny” to “Allow” and don’t forget to click “Apply changes” on the top right-hand side of the screen!

       

Job done! You can now check that you have access to the proxy by configuring your browser to use a proxy and then browsing to a website, e.g. www.whatsmyip.org. Here you should see the public IP address of your router.

Now – let’s get anonymised!