New on LowEndTalk? Please Register and read our Community Rules.
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Categories
In this Discussion
- 2008-2021 © LowEndBox & LowEndTalk. Privacy Policy. Powered by Vanilla.
Back to Top | LowEndTalk | LowEndBox | Dark Theme Config | Advertise
Comments
Reserve an IP address. That's how you don't have any worry to loosing IP.
Windows doesn't qualify as "always free".
Just getting "session expired" when trying to add credit card. Will try again later.
Are you running ad block or anything? They do a bunch of device fingerprinting that will result in rejection if you block it.
Ah thanks! I even use all available cards and they denied all of it. And you're right it's because:
1. I'm using pi-hole adblock
2. My CITY address is different from the IP address location.
All good now 👌
lol number 2. if that is the case, I will 100% out of luck since I will always have different city address from my IP location.
Oooh that's why I open ip2location and maxmind first before signing up 😂. Seems like you don't need to entry your actual address.
Is reserving IP address is part of "Always free" quota? Also, there doesn't seem to be any way one can reinstall the OS without terminating the instance. Did anyone try this?
You can easily create latest Debian LXC container inside your instance and forward any port you need to it.
Can you guys select always free tier? It originally just showed up something like 'Host node out of capacity', but I don't even see the option for it anymore.
Wait a few minutes.
The micro class VMs 'unlocked' itself after a few logout/logins.
Maybe you added and selected another DC? The free one is only available in the "Home Region" you chose on sign-up.
Ohhhh adding a DC makes me disqualified..? I though as long as I created the VM on my home regiom, I'm good. Welp...
No it only means there will be no free VMs in the added DC. You can use the 300 EUR of the trial credit to try some paid VMs there for a month until the credit expires.
When you switch back to the home region DC, you can still create up to 2 free ones there.
did anyone manage to make the compute instant run a vpn?
I ran this
https://github.com/hwdsl2/setup-ipsec-vpn
however I cant connect to it
windows say remote server isnt responding
cant connect to it via android either
Hmmm that's weird then. It doesn't show up on my home region either.
BTW, for those who are interested, the 10TB free outbound traffic also seems like it counts towards paid VMs and object storage (and you get 20GB of it as long as you don't upgrade - you get 10GB object storage and 10GB archive storage if you do), which seems to make the VMs pretty cheap even for the paid tier (8GB RAM with 100GB block storage and 10TB outbound @700Mbps costs $0.03/hr (~$23/mo) and free while it's turned off).
However, network was a complete shit, even for the higher tier that claims to have 2Gbps connectivity (at least on South Korea). And if you're using ubuntu, I highly recommend using ubuntu's repo instead of the default one (change the long url to
http://{CountryCode}.archive.ubuntu.com/ubuntu). The default repo is super slow...Open port on cloud panel + iptable
hey so I opened all ports on the cloud panel
and isnt iptables covered by the script?
looking at the script's source code
I think these iptables have been added
# Add IPTables rules for VPN if [ "$ipt_flag" = "1" ]; then service fail2ban stop >/dev/null 2>&1 iptables-save > "$IPT_FILE.old-$SYS_DT" iptables -I INPUT 1 -p udp --dport 1701 -m policy --dir in --pol none -j DROP iptables -I INPUT 2 -m conntrack --ctstate INVALID -j DROP iptables -I INPUT 3 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -I INPUT 4 -p udp -m multiport --dports 500,4500 -j ACCEPT iptables -I INPUT 5 -p udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT iptables -I INPUT 6 -p udp --dport 1701 -j DROP iptables -I FORWARD 1 -m conntrack --ctstate INVALID -j DROP iptables -I FORWARD 2 -i "$NET_IFACE" -o ppp+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -I FORWARD 3 -i ppp+ -o "$NET_IFACE" -j ACCEPT iptables -I FORWARD 4 -i ppp+ -o ppp+ -s "$L2TP_NET" -d "$L2TP_NET" -j ACCEPT iptables -I FORWARD 5 -i "$NET_IFACE" -d "$XAUTH_NET" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -I FORWARD 6 -s "$XAUTH_NET" -o "$NET_IFACE" -j ACCEPT # Uncomment if you wish to disallow traffic between VPN clients themselves # iptables -I FORWARD 2 -i ppp+ -o ppp+ -s "$L2TP_NET" -d "$L2TP_NET" -j DROP # iptables -I FORWARD 3 -s "$XAUTH_NET" -d "$XAUTH_NET" -j DROP iptables -A FORWARD -j DROP iptables -t nat -I POSTROUTING -s "$XAUTH_NET" -o "$NET_IFACE" -m policy --dir out --pol none -j MASQUERADE iptables -t nat -I POSTROUTING -s "$L2TP_NET" -o "$NET_IFACE" -j MASQUERADE echo "# Modified by hwdsl2 VPN script" > "$IPT_FILE" iptables-save >> "$IPT_FILE"this my cloud control panel rules
))
https://imgur.com/a/bO7SBqC
Once you're done with opening all ports in account panel (Security Lists) you can delete all iptables rules using the following terminal command:
iptables -F && iptables -P INPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -P OUTPUT ACCEPT && iptables -t nat -F && iptables -t mangle -F && iptables -X
Then you just set your own rules from scratch as needed.
To make iptables rules permanent (so it survives reboot) :
iptables-save > /etc/iptables/rules.v4
I tried that
these are my iptable rules
still nothing
Ingress Rules
Host node capacity error is a good sign, they will then set limit on free tier.
hey I followed these steps
still cant connect.
if you dont mind me asking did you manage to get it working in your system?
I opened all port, with this method, and work fine.
I not installed ipsec vpn, but shadowsock work fine from docker image.
hey so proxy works. I am using squid3 personally and it works
for some reason I cant get the ipsec vpn to work
Maybe because of their NAT, where you don't get a public IP on the VPS, but only a 10.0.0.x IP. Try WireGuard or OpenVPN instead. WireGuard works, I use it just fine.
i dont think its nat they have given me 1 ip that I can use to connect to ssh and use as a web server
reason I wanted ipsec is native windows and android support
I try this ipsec docker image and work fine.
https://github.com/hwdsl2/docker-ipsec-vpn-server
So I haven't been able to create any instances in AD-2 in the US West (Phoenix) region. I can create them in AD-1/3 but not 2. Finally decided to call Oracle support up and generate a sev 2 ticket for it (they'll only respond during business hours for it anyways). Was an interesting experience but I want to get down to the root cause...
Yes, I am. As I run into problems, I then disable them, but I'll try from somewhere else.
Thanks