DIY VPN Pritunl Setup Tutorial

[Charisarian]

Could I use a raspberry Pi if I want to use it to just get around geo blocking? 

[itsjudd]

I would also recommend looking into Outline

https://getoutline.org/

https://github.com/Jigsaw-Code

[Mqxi]

Getting a 404 error when I try to run the command:

sudo yum -y install pritunl

 I've simply copy-pasted all the above commands shown in the documentation. Here's the full error:

 

[quark@vultr ~]$ sudo yum -y install pritunl
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink                                                                 |  29 kB  00:00:00
 * base: mirror.prolocation.net
 * epel: mirror.nl.leaseweb.net
 * extras: ams.edge.kernel.org
 * updates: mirror.1000mbps.com
base                                                                                 | 3.6 kB  00:00:00
extras                                                                               | 2.9 kB  00:00:00
mongodb-org-4.0                                                                      | 2.5 kB  00:00:00
pritunl                                                                              | 2.9 kB  00:00:00
updates                                                                              | 2.9 kB  00:00:00
pritunl/primary_db             FAILED
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.
To address this issue please refer to the below wiki article

https://wiki.centos.org/yum-errors

If above article doesn't help to resolve this issue please use https://bugs.centos.org/.

pritunl/primary_db             FAILED
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found
Trying other mirror.


 One of the configured repositories failed (Pritunl Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=pritunl ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable pritunl
        or
            subscription-manager repos --disable=pritunl

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=pritunl.skip_if_unavailable=true

failure: repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2 from pritunl: [Errno 256] No more mirrors to try.
https://repo.pritunl.com/stable/yum/centos/7/repodata/e2a8a9331d3d1a2e1fe3b783de655f8703ca88318d0d279b5f5a7fa8cf46352d-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found

Thanks!

[DarkAcid1212]

Many, Many, Many thank you. It is like you guys read my mind every single time. I been using Chrome Remote Desktop since my ISP block all ports. Now I can finally have my RDP back. Not just this video, but also the adblock one to......I will try it once I have my hand on rasberry pi w. Thanks a bunch.

[ZyFinity]

@jakkuh_t is it possible to make the actual vpn servers port 443 instead of the webui? and if so how? (i want to use 443 because many hotels free wifi and other places block any ports other than 80 and 443 so i would need the vpn on either of those ports)

[siliconcupcake]

Does anybody know how I can configure the web console to be served through apache alongside other sites on my server ?

Currently, I am unable to access the web console unless I stop the apache service.

[ne0rmatrix]

i clicked on link and no affiliate discount appeared that i am aware of  I got it all set up and its working but i have no idea about billing other than signing up and giving my info they have not billed me or dinged my credit card at all lol. Nice easy vpn setup and i like the price of 3.50 usd that is a nice price for 500GB of data.

[hui]

Any plans for a DIY password manager? I currently use LastPass but I worry what would I do if LastPass just disappears one day. 

[Morad__T]

What about Jigsaw's "Outline"
I never heard of Pritunl but their setup process seems rather tedious and it didn't work for me straight away like Outline did
 

[LePygargueATeteBlanche]

13 hours ago, manywater0 said:

Can I use debian instead of cent OS or is it must on the project?

Both can do the trick (with maybe a bit of adaptation from the tutorial).

In this case I believe CentOS is recommended as it this pretty lightweight and will not cause higher bills on the VPS.

[LePygargueATeteBlanche]

20 minutes ago, hui said:

Any plans for a DIY password manager? I currently use LastPass but I worry what would I do if LastPass just disappears one day. 

I've seen a lot of people recommend BitWarden. I've tested It and It seems very good. Kind of a mix between KeePass and other modern password manager like LastPass or Dashlane.

[LePygargueATeteBlanche]

Very good tutorial. I've struggled a bit on some part ('m not very good at Linux stuff) but so far so good.

[Radium_Angel]

3 hours ago, hui said:

Any plans for a DIY password manager? I currently use LastPass but I worry what would I do if LastPass just disappears one day. 

KeePass.

It's offline and never goes away

[Qahwah]

Looks like this won't work if I was in China trying to access google.com, right? Since the VPS itself is in the States. 

[Kofac]

Thanks for the tutorial works perfectly very easy to follow

 

I have it working on my Windows PC which its fine. 

 

But to be of any real use to me I would need it working on my PfSense router. So it would cover my entire network. Would that be possible and if so any idea how to go about doing that please ?

[ethanaldr]

I got it working on my computer, but I am unable to get it to work on my Iphone with the openvpn app. It gives a time out error.

[bhoom_it]

@jakkuh_t this worked flawlessly for me. I salute you for the guide!!!

 

Only thing is, I want to connect my custom domain via letsencrypt. Do you have any ideas on how to go about this? Also, how secure is this entire setup? 

[techhead]

In step 4.2 its recommended that you create a firewall rule to allow SSH connections to the VPS and set the "Source" to My IP. If your setting this up from home on a connection with a dynamic IP will you still be able to SSH in once your IP has been changed by your ISP?

Thanks!

[JanneV]

The guide really worked like a charm.

But when i tried to connect to the VPN through the Pritunl App, i get a connection time out.

And my server shows this error, that u see down below.

Any ideas on how to fix it, are highly appreciated.

[Venty]

16 hours ago, siliconcupcake said:

Does anybody know how I can configure the web console to be served through apache alongside other sites on my server ?

Currently, I am unable to access the web console unless I stop the apache service.

Just gone through it myself, using Nginx though.

Well, you can set it up using this guide.

I went ahead and used port 88 (with ssl disabled in pritunl) and setup up a reverse proxy in Nginx (so it uses the proper certificate I already have set-up).

Also, you might have to also set the Host header, not just the X-Forward ones.

[Reedradar]

Hey gentlemen maybe you guys can help me out, I'm using the VPS recommended in the video and I cant get Pritunl to install I get this error every time

Error:
 Problem: conflicting requests
  - nothing provides bridge-utils needed by pritunl-1.29.2276.91-1.el7.centos.x86_64
 

[EthanWolfcat]

I followed the instructions and we manage to get it working. However, after some time, the PritUnl web interface gives us a Connection_Refused and the pritunl client no longer connects to our VPN. Any ideas?

[jaltagracia]

Thanks great  guide. My VPN is working just fine.

 

However, I have a minor problem. Since I decided to use DigitalOcean as service provider Netflix is blocking my connection and I get the Proxy error.

 

Can any one confirm that Netflix works on Vultr IPs? My guess it that Netflix algorithm is tagging DO IPs as they are seen as ISP. I've tried other services and everything seems to be working.  

[triplegunner]

Why not Wireguard? It's incredibly easy to install and can actually fully saturate your entire bandwidth. I've done research with it and it's a really solid VPN. 

Edit: Like... it only takes a few lines to get it running...

[triplegunner]

29 minutes ago, jaltagracia said:

Thanks great  guide. My VPN is working just fine.

 

However, I have a minor problem. Since I decided to use DigitalOcean as service provider Netflix is blocking my connection and I get the Proxy error.

 

Can any one confirm that Netflix works on Vultr IPs? My guess it that Netflix algorithm is tagging DO IPs as they are seen as ISP. I've tried other services and everything seems to be working.  

Netflix blocks everything that's hosted by the big providers. I know a guy who managed to bypass Netflix's ban hammer via IPSec. They piped their vpn into IPSec.  look into doing that