Automatic VPN and Mumble deployment to g-cloud

This is a hobby project that automatically deploys level 2 Openvpn server to the Google cloud with maximum ip forwarding. This project was made because there were very big networking problems with couple of multiplayer games due to nat. VPN tunnel that is deployed by this project should provide ulta stable and low latency VPN that should provide perfectly stable multiplayer experience even in worst networking conditions.

This script is pretty hard to setup since it is not fully automatic. Follow all the points told bellow excatly

1. Create account to goole cloud
   • Google cloud
2. Install openssh, git and gcloud command to your linux machine
   • gcloud install
   • run gcloud init to setup command properly
3. Configure network in Google cloud
   • Go to VPC network site
   • Create new VPC network
   • Network name gm-vpn-network
   • Subnet name gm-vpn-subnet
   • Region europe-north1
   • Ip address range 10.144.0.0/16
   • Private Google access off
   • Flow logs on
   • Dynamic routing mode regional
   • DNS server policy No server policy
4. Configure firewall in Google cloud
   • VPC firewall
   • Add firewall rules to allow traffic on tcp ports 22, 80 and 443
   • Create firewall rule
   • Name gm-vpn-firewall
   • Network gm-vpn-network
   • Targets all instances in network
   • IP ranges 0.0.0.0/0
   • Specified protocols and ports tcp 22, 80, 443
5. Create multi ip image
   • This is necessary to give instance multiple ip addresses and make the system work.
   • Run command in the cloud console (can be found from up right): gcloud compute images create ubuntu-multi-ip-subnet --source-image projects/ubuntu-os-cloud/global/images/ubuntu-minimal-1910-eoan-v20200406 --storage-locationeurope-north1 --guest-os-features MULTI_IP_SUBNET
   • More info available for this command here and here
6. Prepare deployer
   • clone the repo
   • git clone https://github.com/softgitron/gm-vpn.git
   • Copy default_config.json to config.json
   • Change your personal project name to json
   • Project name can be found from Google cloud main page
   • Put Project ID to project_name field in json
   • Find your service account from IAM panel
   • Correct service account should have name like #########[email protected]
   • Put service account to service_account field in json
   • Change names field to your liking. By default there is only three clients
7. Run deployer
   • Start deployer by running ./deploy.py
   • This script should now do the rest
   • Wait some time before trying to connect
   • It can take up to 5 minutes before VPN is up
   • After the client side (not instance side) script has completed last thing it prints should be ip address
   • This ip address can be used to access instance if anything goes wrong (ssh address@printed_ip -i id_rsa)
8. Setup VPN connection from Windows
   • Download openvpn client from Openvpn site (Windows 10/Server 2016...)
   • Go to external ip address that was shown on the console with web browser
   • Download and extract zip that is in the site
   • Start Openvpn
   • Openvpn should start in the right on the taskbar.
   • Right click Openvpn icon and click Import from file
   • Select any of the files inside zip
   • Right click Openvpn icon and press connect
   • If everything goes well you should have now full connection to vpn
   • You can check the situation by accessing speedtest.net for example
   • Website should now show that you are from Google cloud platform
   • Note if you want to give access to your friends only part 8 is required for them

This script installs also mumble server to the instance. Mumble server should be accessible by default in 10.144.2.2 address

If someone ever tries to set this up free to contact me. This script is not very robust for errors so everything must be done precisely.

It took me four days and three nights to develop this script into working condition.