Setting up a VPN (PPTP) server (Ubuntu 14.04)
In order to change my IP address for all communication, including streaming, I configured a PPTP-based VPN on Amazon EC2. This is a record of that process.
Setting up the server
To improve network speed I used an m3.medium instance. As of May 2014, using a spot instance costs about $0.0081/hour. For the OS I used Ubuntu Server 14.04 LTS (PV), which is provided by Amazon.
Installing and configuring the PPTP server
Installing pptpd
sudo apt-get install pptpd
Configuring pptpd
/etc/pptpd.conf
Set an IP address range that does not overlap with your local network. Here I use 192.168.200.*.
localip 192.168.200.2
remoteip 192.168.200.128-191
/etc/ppp/pptpd-options
Configure DNS. Here I use Google's public DNS.
ms-dns 8.8.8.8
ms-dns 8.8.4.4
/etc/ppp/chap-secrets
Configure the username and password. Replace username and password with your own before writing them. The second field is the server name, and it needs to match the name in /etc/ppp/options.pptpd; since it defaults to pptpd, this is fine as is. Depending on your situation you can also use * to match everything.
username pptpd "password" *
Configuring NAT
/etc/sysctl.conf
Enable IPv4 forwarding.
net.ipv4.ip_forward=1
/etc/rc.local
Make the startup script bring up NAT automatically. This only takes effect when the instance restarts. If you are not going to restart, run this command directly to bring up NAT.
sudo iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -j MASQUERADE
Applying the settings
Load the settings changed in /etc/sysctl.conf.
sudo sysctl -p
Restarting pptpd
Restart pptpd so that the settings configured so far take effect.
sudo /etc/init.d/pptpd restart
Setting up the VPN on a Mac
Open "System Preferences" and then "Network." Click the "+" button at the bottom left to move to the screen for adding a new interface, set the interface to "VPN" and the VPN type to "PPTP," and add the VPN interface.
Next, click the gear button, open "Set Service Order…," and move the VPN interface you added to the very top.
- Server Address … Set the IP address of the server on which you set up pptpd (e.g. ec2-XXX-XXX-XXX-XXX.us-west-2.compute.amazonaws.com)
- Account Name … Use the username you set in /etc/ppp/chap-secrets
- Password … Open "Authentication Settings…," choose "Password," and use the password you set in /etc/ppp/chap-secrets
Enabling "Show VPN status in menu bar" here is convenient, since it lets you connect and disconnect the VPN without opening System Preferences.
References