Firstly, a VPN server (those who know can skip this bit) is literally a Virtual Private Network. You might be familiar with how your home or office network operates – many computers connected to the same WiFi or ethernet network. For the most part we do this simply to share an Internet connection, however, another upshot is the ability to share files and services (e.g. documents, audio, video, printers or scanners) between these machines – with access only available to machines on your local network.
You can think of a VPN in similar terms, only the Local is replaced with Virtual Private. The physical connection between what were once, by necessity, centrally located machines is replaced with a Virtual connection – and your access to those files and services is now available from any authenticated machine with a data connection, anywhere in the world. Pretty cool.
OK, what do I need?
At it's simplest, creating a VPN requires two components – you need a server running the server component, and a client to connect to it. Actually it only really starts making sense when you have two clients (a network of one isn't much of a network!), but the setting up of the second is just the same as the first.
Your first client could be the machine you're reading this on now, or any laptop or computer you want to use.
My client machine is running Linux (Mint 14). If you're on an Apple machine most of this guide should still be relevant – although perhaps the client setup will differ.
For the server I decided to use Amazon Web Services, mostly because I've still got a few months left on their Free Usage Tier and you just can't beat that price.
Step 1 – Setting up on Amazon Web Services
This guide by Expedient Tech covers setting up your EC2 server. Follow this but go for Ubuntu 12.04 instead of 9.1. I don't see any reason to go back that far, maybe the guide is just old.
When they start talking about using PuTTy and installing OpenVPN that way, forget about it. That's crazy Windows talk. All you need is shell access and by now you have the pem key from amazon, so – on your client machine – you just need to fire up a terminal window and type:
ssh -i /path/to/yourkey.pem firstname.lastname@example.org
You should now be logged-in to your new Amazon EC2 instance.
Step 2 & 3 – OpenVPN Client and Server
Now switch to Ubuntu 12.04's OpenVPN guide. Follow those steps to the letter and you should be setup on both Server and Client.
And.. that should be that! You can generate a second client certificate the same way you've done the first and connect a second machine. Each client connected to the network is given a unique IP address available only to other machines on the network, allowing you to connect and share securely. Sit happily in a coffee shop while you finish up a project on the machine back home, via your humble little laptop. Or stream music from your private collection through your phone at a party.
Lots of fun.