Oracle Cloud free tier: Create your free personal VPN using Tailscale
Introduction
I've found myself in a situation when I'd like to be in other region to avoid some content restriction. I know there are free options with easy installs, but I'm concerned about others spoofing in my traffic. That sounds familiar to you?
I've got you covered! With a little bit of work, you can configure your own VPN for free, with a server configured in the US that will route your traffic, just like if you were in the United States. This is a feature from Tailscale, called exit-nodes which happens to have a free plan. Running a server in a cloud provider may cost you some bucks, but Oracle Cloud has a generous always-free tier that suits us perfectly for this task. So, we'll be using free resources to accomplish our mission.
First and foremost, we need to create our accounts. The account creation for Oracle Cloud is described under
https://www.oracle.com/cloud/free/ Sign up section. We won't dig into that account creation here, but the only thing you'll be aware is of your home region, be careful and set that option to some region in the United States.
Once you have access to Oracle Cloud, we'll jump into the creation of our Tailscale account.
Let's go to https://login.tailscale.com/start to create our account. You'll need to use a third-party identity provider, so choose the one you feel more comfortable with.
You'll be asked to grant permissions to Tailscale for accessing your account's data, click Allow.
Next there is an installation guide for a lot of operative systems, but we'll stop right there for now and jump into our VM creation.
Go to your Oracle Cloud account,Find to Compute > Instances section and select Create Instance.
So, we need name for the VM. I'll use tailscale-exit-node
. Then, there is a placement section, to specify where this VM should be created. We can collapse this section and leave it just as it is.
In Image option, select Ubuntu 20.04
and for Shape change it to the following options:
Instance type: Virtual Machine
Shape series: Ampere
Shape name: VM.Standard.A1.Flex
Number of OCPUs: 1
Memory: 6 GB at most
Under Network section, you’ll see a Virtual Cloud Network setup. We’ll skip that section and use the default values.
Then, we will go to Add SSH keys. These keys allow us to log in remotely to our VM, select Generate a new key pair for me and download the private key using the "Save Private Key option" before clicking on create instance.
Lastly, check on "Use in-transit encryption" under boot volume options.
Now, we can click on "Create" button.
You will see a page with the details of the instance, which shows a PROVISIONING state on the upper left, which means our VM is under creation. Look for the Instance Access section and copy the Public IP Address value, which we will use to access our server. Provisioning the VM may take around 5 minutes, but once it is ready, it'll appear in RUNNING state.
Remember that private key you just downloaded? keep it safe since its your access to the server!. For accessing the server we will use in the terminal:
ssh -i [my-private-key] ubuntu@[PUBLIC_IP]
But replacing [my-private-key] with your private key location, and [PUBLIC_IP] for the IP you copied before.
Once we're there, we'll begin with the tailscale installation.
If you go to https://tailscale.com/download/linux, you'll see there is a one-line command to begin the installation, so we'll use that command in our terminal connected to the VM:
curl -fsSL https://tailscale.com/install.sh | sh
Your VM will work for some seconds, and when installation finishes a message will appear:
Installation complete! Log in to start using Tailscale by running:
sudo tailscale up
Before running the command to start tailscale, let's enable the IP forwarding feature in our server. For that, copy the following commands in the terminal:
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
//Adverstising node from shell and tailscale admin
Ok then!, then, let's run the command with an additional flag, that will mark this machine as a traffic forwarder:
sudo tailscale up --advertise-exit-node
You'll get another message in the console similar to this:
To authenticate, visit:
https://login.tailscale.com/a/[SOME_ID]
Copy the link in the browser, log in using the Tailscale account you created before. In your browser, you'll get a message indicating that is good to close the tab, so please do it. In your terminal, you'll see a Success
message.
//Log in using mobile or another client
Next, we will configure our own machine to connect to the remote server and use it as a bridge for our internet traffic. Go to https://login.tailscale.com/admin/welcome and follow the on-screen instructions for your local OS. (Windows, macOS, Linux, or iOS and Android devices). Once this is done, you will see two machines in your admin page.
Under the same page, go to the three-dot menu in the row of our tailscale-exit-node
and click on Edit route settings...
. Then, turn on the switch for enabling the exit node option.
We're almost done with the configuration!.
Lastly, we should go to our other device, and use that exit node we configured.
In Android, you can click the three-dot menu, next Use exit node...
and select the option of tailscale-exit-node
.
And that's it!. Now, you're faking the internet believing that your IP is the one from the server we configured, which happens to be in the US!. In reality, all the internet traffic is now routed through that server you own, in a secure way so nobody can spoof.
If you want to confirm this, you can use whatismyip.com site to check that the IP address in your local device is the same that the one in your server.
Remember that using a Tailscale VPN exit node can also secure your traffic when using non-trustable public networks, such as a coffee shop WiFi, the hotspot in the airport or any other public place. You can add up to 20 devices to this VPN for free; such as mobiles, laptops and tablets that can use the exit node we configured. If you need more than that, you can upgrade your Taiscale plan.
I hope you find useful this guide! I'll try to share more ways you can use Oracle Cloud for free, for those who are new in the cloud world and want to experiment without risk to have any surprising bills.