Question What hardware/software is required for a small commercial VPN service?

[miogpsrocks]

What hardware/software is required for a small commercial VPN service?

Like a small business only for a VPN service with subscribers paying you money for access to your VPN?

I am tired of BIGVPN throwing its users under the bus and considering making a VPN by the people, for the people. Maybe some kind of crowd funding project.

Does the hardware/software exist for a VPN service to exist or it is all custom made stuff by VPN companies?

Thanks.

 

[Tech Junky]

To make a VPN you need a server / PC to host the connection and do the encryption. Then you need bandwidth from an ISP.

Client side is where things can get messy since no 2 devices are the same. If you can package wire guard into an app and deploy it to customers you'll have speed + encryption and less coding to deal with.

If you want people to configure WG on their own supplying the instructions would mean full transparency instead of relying on an app.

 

[miogpsrocks]

To make a VPN you need a server / PC to host the connection and do the encryption. Then you need bandwidth from an ISP.

Client side is where things can get messy since no 2 devices are the same. If you can package wire guard into an app and deploy it to customers you'll have speed + encryption and less coding to deal with.

If you want people to configure WG on their own supplying the instructions would mean full transparency instead of relying on an app.

So Client side, Wireguard, OpenVPN or Openconnect? Any of these type of programs?

For server side, what software would you run on this generic server?

Thanks.

 

[mxnerd]

So just because you are not satisfied with local bus system, you want to estabilish another bus company to compete with existing one? 🤔

Well, with so many cloud ISPs, you shouldn't have to own hardware, just pay the money and create VMs with cloud ISPs around the world so you can attract customers. Make sure you have enough knowledge and deep pocket. 😁

 

[Tech Junky]

So Client side, Wireguard, OpenVPN or Openconnect? Any of these type of programs?

For server side, what software would you run on this generic server?

Thanks.

Both sides need to be able to speak the same language. You can run multiple protocols on each server.

Most reputable companies run Linux on bare metal usually from USB and tons of RAM to keep the speeds up along with the high bandwidth link to the outside world.

As @mxnerd pointed out there are options for cloud based servers but, for privacy you would want to own the devices you're using. Also, another thing to think about is the liability insurance if there's an issue and someone decided to sue you for damages. Taking a bare metal setup though and ample resources to run the encryption could run thousands per location. You would want to spec out a good high core CPU / dual CPU setup to handle all of the traffic in addition to the cards for the fiber connections. max out the RAM as well to keep things running smooth.

It's not a cheap venture to get into. Besides the HW cost you have the DC Rack rentals / ISP / etc. Virtua is an option if you and find T&C's you're comfortable with presenting as your product. From the stand point of taxes though you would need to look at the CAPEX / OPEX and how you would write things off whether to do in year or amortize things over a period of time.

 

[miogpsrocks]

So just because you are not satisfied with local bus system, you want to estabilish another bus company to compete with existing one? 🤔

Well, with so many cloud ISPs, you shouldn't have to own hardware, just pay the money and create VMs with cloud ISPs around the world so you can attract customers. Make sure you have enough knowledge and deep pocket. 😁

I spent a lot of money with one particular VPN company. Prepaid with promotional for years on this service. I thought I was set for life on this VPN.

Then some community college troll lawyer sent some complaint about another VPN and threw the VPN I was using in at the last minute as almost a side note. Both VPN companies threw all their customers under the bus and folded in. When I asked why they would do this, they told me that all VPN will suffer the same fate. I have also consulted with an attorney who told me that VPN company is not responsible for the action of its subscribers anymore than you can sue your phone company because of some Indian call center scam scammed you over the phone or anymore then the app " Whatsapp" is for what people do using their private messaging system.

Back in the day when I was part of IT department, we pretty much had everything located in our building with multiple T1 connection that were very expensive and not even that fast compared to what is currently available. Things were expensive to keep everything in house like this but the company had legacy infrastructure from the 70's being updated. Originally the subscribers had to dial into the company, it had banks of modems like something you would expect AOL to have .

Anyway, that was in the past, today I was initially thinking of some co-location datacenter where the major ISP are exchanging data with each other anyway and maybe leasing a few small spaces in some key spaces across the US. However, your idea may be easier or lower cost with virtual machine in some existing server located in these places.

As long as No data logging policy can be implemented.

What software would you recommend the VM run? Some sort of openVPN type software? It would need to authenticate users, perhaps put data speed limit on each user and most importantly no logs created or instantly deleted.
Maybe this could be some sort of a crowdfunded project.

 

[mxnerd]

I'm not in IT dept for a long time. I know how VPN works but only use VPN between family members and have no expertise to tell you how to establish your VPN business.

There are so many types of VPN protocols out there: OpenVPN, IPSEC, TOR, Wireguard, Tinc, ZeroTier, SoftEther (with VPNGate)...

OpenVPN/IPSEC are the most popular types offerered by VPN providers, but Wireguard is getting attentions because it's much faster than OpenVPN and very easy to setup.

There is no easy path for anyone to gain the knowlege you need however, all kinds of resources are freely available on the internet and youtube. You have to spend your own time to study them, and use virtualization platform available to you (Hyper-V, VirtualBox, VMware ESXi/Workstation, Proxmox, Linux KVM, Docker,...) to get familar with. OS, security, patching, routing, firewall, etc. It's a daunting task.

Now, the policy of this forum does not allow discussion or member helping others with illegal activities, so you also have to help yourself.

 

[ch33zw1z]

Did I miss which "big VPN" he was talking about? It would help to know which ones to steer clear of

 

[mv2devnull]

You want to talk to your wife. At the privacy of your home the discussion would be private.
Alas, she is at neigbour, at your sister-in-law's place.
* You could shout. Bypassers could listen what you talk about.
* You could shout, but in code language that only you two understand. This is VPN in traditional sense.
* You could shout to your sister-in-law, who then conveys the clear message to your wife in their sisterly manner. OP wants to be that sister for paying clients, whose messages to "husbands" then get shouted over the street? This is what most mean with "VPN" these days.