It is a sad fact that users’ privacy is constantly being breached. Between hacking, private leaks, and data breaches, the information of millions of users is up for grabs. Even when the most advanced security measures are in use, hackers are constantly developing new ways to exploit security holes and gain access to sensitive data. To prevent such incidents, law firms like Venable have created a Virtual Private Network (VPN) for their clients. A VPN is a service that securely connects users to a private network or database through a public network (usually the internet). A VPN allows users to gain secure access to networks and services that they might otherwise be unable to reach. They can use public Wi-Fi to connect to corporate LANs, for example, or log into their bank account online from a different country than their credit card provider.
Before we begin, it is important to establish the basics of how VPNs work. A VPN provides you with a secure connection to a private network or server, protecting you from eavesdroppers on public networks. The connection is encrypted and is only accessible by those authorized to access it. In simple terms, it is a way of reaching a private network through a public one.
When you create a VPN, you have to decide on what type of connection you wish to use. You have OpenVPN, which is the most popular and compatible with the most devices; you have L2TP/IPsec, which offers high speeds but is a little more difficult to set up; and you have IKEv2 (Internet Key Exchange v2), which is a more modern and secure option. Once you have decided what type of VPN you will create (as there are pros and cons to each), you can move on to the next step.
Choose a Server
The first step in configuring a VPN is to choose a server. When you create a VPN, you have the option of selecting either a dedicated or shared server. Shared servers let you share resources with other clients, while dedicated servers give you all the resources you need to run the service yourself. If you are planning on running a VPN for a small business, shared servers are a cheaper option and more suitable for beginners. If you are running a VPN for a large enterprise, such as a university or a corporation, then dedicated servers are the way to go.
OpenVPN vs L2TP/IPsec
The next step is to choose between OpenVPN and L2TP/IPsec. OpenVPN is easy to use and popular; however, many corporations and ISPs block the protocol, preventing users from accessing certain services. L2TP/IPsec is a more secure and popular alternative for VPNs that work through a firewall, as the connection is not as easy to trace. Once you have decided which one to use, move on to the next step.
Now that you have decided on a server, you can move on to installing OpenVPN. OpenVPN is a free and open source application; however, to use it you will need to have either the client (for Windows) or the server pre-installed on your machine. If you are using a dedicated server, you will need to purchase the server from the company that you contracted with. To install OpenVPN on your Windows 10 machine, use this guide from [Microsoft Docs](https://docs.microsoft.com/en-us/windows/desktop/install-openvpn/).
Once you have installed OpenVPN, you need to download and install the OpenVPN client on every device you will be using to connect to your VPN. You can find the OpenVPN client for various platforms here.
The next step is to create a login page for your VPN. As with most things in life, there is more than one way to do this. One method is to use [HTML](https://www.w3schools.com/html/), with which you can simply create a login page and link it to your VPN. If you are using [WordPress](https://wordpress.com/), you can install Google Authenticator (or Authy) to create a one-click login for your site users. Alternatively, you can use [Lumen](https://lumen.glitch.me/) to create a login/password protected page that can be accessed only through the VPN. Lumen is free, open source, and incredibly easy to set up. It provides you with everything you need to create a simple login page, while still retaining the security of an encrypted connection.
Enable SSH For Remote Access
Once you have an OpenVPN server set up, you can begin configuring your access within the network. You can use either your web browser or your mobile device to access SSH (Secure Shell) from anywhere in the world. In simple terms, SSH is a protocol that provides users with a way to connect to a private network through an encrypted connection. You can use the Secure Shell (SSH) protocol to connect to a UNIX server or a server running a popular Linux operating system. Many companies, such as [Penta](https://penta.com/), [1&1](https://www.1and1.com/), and [MikroTik](https://www.mikrotik.com/), offer free tier accounts that allow you to remotely administer your site or network through SSH.
Configure Your Firewall
Whether you use OpenVPN or L2TP/IPsec, your next step is to configure your firewall to allow access through the VPN. Your firewall is a security measure that lets you decide which applications can or can’t connect to a certain network or server. To allow access through your VPN, you will need to allow the OpenVPN protocol through your firewall. In most cases, this will be as easy as installing a VPN rule on your router. If you are using a PC, you can use this guide to find the IP address of your router (http://www.howtogeek.com/240425/how-to-find-your-computer-s-ip-address/) and enter it in a VPN configuration page on your router. Most routers are configured through a simple web browser-based interface, making the process very easy for tech-savvy users.
After you have allowed access to your VPN, you need to allow access to the services you wish to use through the VPN. You will need to do this for specific ports for the applications you wish to use. For example, if you are using OpenVPN to access a BitTorrent tracker, you will need to open a certain port (typically 8877, which is the default port for BitTorrent) on your firewall.
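The two firewall steps above (expose the VPN listener, then open service ports for VPN users) can be checked mechanically. The following is an added example, not part of the original article: it audits a rule list and flags any service port accepted on the public side instead of behind the tunnel. The interface names, the one-line rule format, the default-drop policy and OpenVPN's registered port 1194/udp are assumptions; the rule sets are constructed samples.

```python
from dataclasses import dataclass

# Assumptions, not from the article: the public interface name, the one-line
# rule format, a default-drop policy, and OpenVPN's registered port 1194/udp.
PUBLIC_IF = "eth0"
VPN_LISTENER = ("udp", 1194)

@dataclass(frozen=True)
class Rule:
    iface: str   # inbound interface; "*" matches any interface
    proto: str   # "tcp" or "udp"
    port: int
    action: str  # "accept" or "drop"

def parse_rule(line: str) -> Rule:
    """Parse 'iface proto port action', e.g. 'tun0 tcp 22 accept'."""
    fields = line.split()
    if len(fields) != 4:
        raise ValueError(f"expected 4 fields: {line!r}")
    iface, proto, port, action = fields
    if proto not in ("tcp", "udp") or action not in ("accept", "drop"):
        raise ValueError(f"unknown protocol or action: {line!r}")
    if not port.isdigit() or not 1 <= int(port) <= 65535:
        raise ValueError(f"bad port: {line!r}")
    return Rule(iface, proto, int(port), action)

def audit(lines):
    """Return findings for accept rules that let traffic bypass the VPN."""
    findings, vpn_reachable = [], False
    for number, line in enumerate(lines, start=1):
        rule = parse_rule(line)
        if rule.action != "accept" or rule.iface not in (PUBLIC_IF, "*"):
            continue  # drops and rules bound to other interfaces (e.g. tun0)
        if (rule.proto, rule.port) == VPN_LISTENER:
            vpn_reachable = True
        else:
            findings.append(f"rule {number}: {rule.proto}/{rule.port} "
                            "is reachable without the VPN")
    if not vpn_reachable:
        findings.append("VPN listener is not reachable from the public side")
    return findings

# Constructed sample rule sets: SSH (22) and the article's example port 8877.
WEAK = ["eth0 udp 1194 accept", "* tcp 22 accept", "eth0 tcp 8877 accept"]
FIXED = ["eth0 udp 1194 accept", "tun0 tcp 22 accept", "tun0 tcp 8877 accept"]

if __name__ == "__main__":
    for name, rules in (("weak", WEAK), ("fixed", FIXED)):
        print(name, audit(rules) or "ok")
```

The audit treats the list as a set of accept rules under default-drop and does not model rule ordering or shadowing.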
Use A Password Management App
Finally, you need to use a password manager to generate secure passwords for the sites and services you wish to connect to through your VPN. The most popular and simplest to use password manager is LastPass, which is also open source. If you are on a PC, the process of using a password manager to generate secure passwords is incredibly simple and takes only a few minutes. On most PCs, you will find the LastPass icon in the login screen or in the toolbar of your browser. Simply click the icon and enter your master password to begin generating strong and unique passwords for your online accounts. LastPass can also automatically fill in forms for you, storing all of the information in a database that is protected by a login. LastPass is free and open source, and is available for all major operating systems.
Once you have set up a VPN, you can use it to securely access networks and services that you might otherwise be unable to reach. Your VPN will need to be configured with a server that is compatible with the protocol you chose (OpenVPN or L2TP/IPsec), as well as with the OS and devices you will be using to connect to it. Setting up a VPN is not as hard as you might think, and it provides you with multiple benefits, from increasing your privacy to allowing you to access resources that you might not normally be able to reach.