Nuxtstop

For all things nuxt.js

Oracle Cloud free tier: Create your free personal VPN using Tailscale

20 0

Introduction

I've found myself in a situation when I'd like to be in other region to avoid some content restriction. I know there are free options with easy installs, but I'm concerned about others spoofing in my traffic. That sounds familiar to you?

I've got you covered! With a little bit of work, you can configure your own VPN for free, with a server configured in the US that will route your traffic, just like if you were in the United States. This is a feature from Tailscale, called exit-nodes which happens to have a free plan. Running a server in a cloud provider may cost you some bucks, but Oracle Cloud has a generous always-free tier that suits us perfectly for this task. So, we'll be using free resources to accomplish our mission.

First and foremost, we need to create our accounts. The account creation for Oracle Cloud is described under
https://www.oracle.com/cloud/free/ Sign up section. We won't dig into that account creation here, but the only thing you'll be aware is of your home region, be careful and set that option to some region in the United States.

Once you have access to Oracle Cloud, we'll jump into the creation of our Tailscale account.

Let's go to https://login.tailscale.com/start to create our account. You'll need to use a third-party identity provider, so choose the one you feel more comfortable with.

You'll be asked to grant permissions to Tailscale for accessing your account's data, click Allow.
Granting permissions to Tailscale for identifying your account.

Next there is an installation guide for a lot of operative systems, but we'll stop right there for now and jump into our VM creation.

Instructions to install in several operating systems

Go to your Oracle Cloud account,Find to Compute > Instances section and select Create Instance.

Oracle Cloud Compute and Instances menu

So, we need name for the VM. I'll use tailscale-exit-node. Then, there is a placement section, to specify where this VM should be created. We can collapse this section and leave it just as it is.

In Image option, select Ubuntu 20.04 and for Shape change it to the following options:

Instance type: Virtual Machine
Shape series: Ampere
Shape name: VM.Standard.A1.Flex
Number of OCPUs: 1
Memory: 6 GB at most

Details of the Virtual Machine's shape

Operating System of our Virtual Machine

Under Network section, you’ll see a Virtual Cloud Network setup. We’ll skip that section and use the default values.

Then, we will go to Add SSH keys. These keys allow us to log in remotely to our VM, select Generate a new key pair for me and download the private key using the "Save Private Key option" before clicking on create instance.

Do not forget to save your Private Key

Lastly, check on "Use in-transit encryption" under boot volume options.

Now, we can click on "Create" button.

Your Virtual Machine is now under provisioning status

You will see a page with the details of the instance, which shows a PROVISIONING state on the upper left, which means our VM is under creation. Look for the Instance Access section and copy the Public IP Address value, which we will use to access our server. Provisioning the VM may take around 5 minutes, but once it is ready, it'll appear in RUNNING state.

Remember that private key you just downloaded? keep it safe since its your access to the server!. For accessing the server we will use in the terminal:

ssh -i [my-private-key] ubuntu@[PUBLIC_IP]

But replacing [my-private-key] with your private key location, and [PUBLIC_IP] for the IP you copied before.

Once we're there, we'll begin with the tailscale installation.

If you go to https://tailscale.com/download/linux, you'll see there is a one-line command to begin the installation, so we'll use that command in our terminal connected to the VM:

Tailscale download instructions for Linux

curl -fsSL https://tailscale.com/install.sh | sh

Your VM will work for some seconds, and when installation finishes a message will appear:

Installation complete! Log in to start using Tailscale by running:

sudo tailscale up
Enter fullscreen mode Exit fullscreen mode

Before running the command to start tailscale, let's enable the IP forwarding feature in our server. For that, copy the following commands in the terminal:

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
Enter fullscreen mode Exit fullscreen mode

//Adverstising node from shell and tailscale admin

Ok then!, then, let's run the command with an additional flag, that will mark this machine as a traffic forwarder:

sudo tailscale up --advertise-exit-node

You'll get another message in the console similar to this:

To authenticate, visit:

    https://login.tailscale.com/a/[SOME_ID]
Enter fullscreen mode Exit fullscreen mode

Copy the link in the browser, log in using the Tailscale account you created before. In your browser, you'll get a message indicating that is good to close the tab, so please do it. In your terminal, you'll see a Success message.

//Log in using mobile or another client

Next, we will configure our own machine to connect to the remote server and use it as a bridge for our internet traffic. Go to https://login.tailscale.com/admin/welcome and follow the on-screen instructions for your local OS. (Windows, macOS, Linux, or iOS and Android devices). Once this is done, you will see two machines in your admin page.

List of your Tailscale devices

Under the same page, go to the three-dot menu in the row of our tailscale-exit-node and click on Edit route settings.... Then, turn on the switch for enabling the exit node option.

Option to use exit node in Tailscale UI

We're almost done with the configuration!.
Lastly, we should go to our other device, and use that exit node we configured.

In Android, you can click the three-dot menu, next Use exit node... and select the option of tailscale-exit-node.

How to enable exit node in Android

And that's it!. Now, you're faking the internet believing that your IP is the one from the server we configured, which happens to be in the US!. In reality, all the internet traffic is now routed through that server you own, in a secure way so nobody can spoof.

If you want to confirm this, you can use whatismyip.com site to check that the IP address in your local device is the same that the one in your server.

Remember that using a Tailscale VPN exit node can also secure your traffic when using non-trustable public networks, such as a coffee shop WiFi, the hotspot in the airport or any other public place. You can add up to 20 devices to this VPN for free; such as mobiles, laptops and tablets that can use the exit node we configured. If you need more than that, you can upgrade your Taiscale plan.

I hope you find useful this guide! I'll try to share more ways you can use Oracle Cloud for free, for those who are new in the cloud world and want to experiment without risk to have any surprising bills.