Ipvanish VPN

From Amahi Wiki
Jump to: navigation, search

Below you will find a guide on how to connect your Amahi server HDA as a client to Ipvanish VPN.
We are going to connect your HDA through a VPN tunnel to Ipvanish's servers. We will ssh into your HDA, show your current IP addresses Geo location and then connect to Ipvanish's servers and show the geolocation again. I will also introduce you to ways on how to check that your HDA is definitely connected by using a shell based text browser called lynx. Connecting is not a problem as such. I have yet to find a clean way to disconnect the VPN tunnel. in the last part of this tutorial we will disconnect from the VPN tunnel manually ( the hard way).

What is Ipvanish

Ipvanish is a service that allows you to connect through a secure VPN tunnel and change your locations IP address. this is in particular useful if you need to browse something that is not accessible for your country location. read more about IPvanish here

Prerequisites

- This tutorial assumes that you are running your Amahi HDA headless on version 9 based on fedora 23. Installation instructions can be found here
- You have Openvpn server installed. ( for this tutorial we purchased the amahi app for openvpn). can be purchased here
- Please understand that this tutorial is not perfect as closing the VPN tunnel still requires some manual work.
- I am currently working on a shell script that will allow you to connect , show the status of your geolocation and disconnect.

Getting your config files

You will need to browse on another computer to the location of Ipvanish's config files and decide which location config file you would like to use. please see here
For this example I have used ipvanish-NL-Amsterdam-ams-a17.ovpn. You will also need the certificate file ca.ipvanish.com.crt

lets ssh into our HDA server and get these files.
open a terminal window using putty or for linux or mac just use terminal.

ssh username@your_hda_ip_adress
replace ssh username with your HDA login credentials and your_hda_ip_address with the ip address of your HDA

After inputting your password you should be in your username folder. In this folder we are going to create a new folder and then change directory to this folder. We will store the config files here
mkdir ipvanish
cd ipvanish

now lets download the files
wget http://www.ipvanish.com/software/configs/ca.ipvanish.com.crt
wget http://www.ipvanish.com/software/configs/ipvanish-NL-Amsterdam-ams-a17.ovpn

Connecting to your VPN

If you have followed the above steps you should have successfully downloaded the config files and we are ready to connect.

issue the following command
sudo openvpn --config ipvanish-NL-Amsterdam-ams-a17.ovpn.
of course replace your server config name with the one you have chosen.
You will be firstly asked to input your HDA's super user password and then the script will run. At some point during the script you will be prompted for your Ipvanish username and password.

You are now connected. The shell window will show a bunch of code. you will not be able to enter any code to it. Just close the Shell window.

Confirming your Ipvanish VPN connection

There are a couple ways to check wether your connection to Ipvanish's servers has really happened. I will show you a couple ways below

- Using freegeoip.net

firstly lets get our wan IP address.
Issue the following command whilst logged into shell.
dig +short myip.opendns.com @resolver1.opendns.com

this will show you you current wan IP address.
in the example above it shows 81.171.81.95

Using freegeoip.net we are going to see what the location of this IP address is by issuing the following command
curl freegeoip.net/xml/81.171.81.95
this will display the location of the server and you will see that you are now connected through a different country.

<Response>
<IP>81.171.81.95</IP>
<CountryCode>US</CountryCode>
<CountryName>United States</CountryName>
<RegionCode>NY</RegionCode>
<RegionName>New York</RegionName>
<City>New York</City>
<ZipCode>10118</ZipCode>
<TimeZone>America/New_York</TimeZone>
<Latitude>40.7143</Latitude>
<Longitude>-74.006</Longitude>
<MetroCode>501</MetroCode>
</Response>


- The second way you can confirm that you are connected to Ipvanish VPN is Using a terminal based text browser Lynx.
If the site is blocked by your ISP's warning message using Lynx we can browse and see the warning message. Once connected to Ipvanish VPN you can browse the blocked website again and see that the warning message is no longer there and you can visit the site.

Lynx is not installed by default so we will have to install this application

issue the following command
sudo dnf install lynx

Once the application is installed you can browse the web using your shell terminal as follows
Issue the following command lynx http://www.google.com

of course google is not on anyone's blocked list. So please check here for sites that are blocked by ISP's and confirm that you can browse them without any block message.

- Alternatively you can always logon to your Amahi control panel https://www.amahi.org/users and under the section Alerts you can see that your Wan IP address of your HDA has changed.

Disconnecting Ipvanish VPN

As mentioned before disconnecting the VPN tunnel is a little troublesome as it doesn't disconnect in an easy way.
we need to find the VPN tunnel connection and then using a Kill command stop it


Issue the following command in your shell console
ifconfig
look out for a connection named tun0 or tun1 that looks like this <POINTOPOINT,NOARP,MULTICAST>.

once we have identified the connection we simply kill it by issuing the following command

sudo ifconfig tun0 down
or
sudo ifconfig tun1 down


Using the section above 'Confirming your Ipvanish VPN connection' you will be able to check that you are back on your ISP's wan IP.