Background
Since I will be travelling to China next week I thought now would be a good time to setup a VPN that at least had some chance of working through the GFW. After doing some research I found there are a few possible solutions but the one I settled on was using OpenVPN with the scramble patch.
The goal of this guide is to help those travelling or living in China or other countries that have limitations on their internet access. In my case I am trying to bypass China’s Great Firewall which actively seeks out VPN connections and blocks them. Using a typical OpenVPN configuration is no longer good enough as the GFW uses deep packet inspection to block OpenVPN connections. Using an obfuscation technique I hope it will confuse the deep packet inspection and let the VPN function. Full credit to the author of this thread for designing the scrambling technique.
Choosing a Server
I found a cheap VPN provider that has TUN/TAP enabled and a dedicated IP since I didn’t want to worry about a NAT’d IP. The actual specs of the machine are not that important as long as you get a sufficient amount of bandwidth for what you need it for. I also selected one in the USA despite the privacy concerns but for the added benefit of being able to use it for US Netflix and other USA only services. This is not meant to be an extremely NSA-proof server, but something I can use to get around China’s firewall restrictions. If you have more privacy concerns, I would choose something in another country.
My Server Specs:
- Ubuntu-12.04-x86_64-minimal
- OpenVZ
- 20gb HDD
- RAM: 768mb / vSWAP: 768mb
- 2TB Bandwidth
- 1 IPv4
Lets get to setting up the server.
(more…)