Saturday, 12 May 2018

How to bypass geolocation checks

In the current Internet world, there is one really annoying habit. Attempts to restrict access by guessed user location. Mainly this is done by checking your public IP address assigned by your ISP. The main reasons are various copyright restrictions between different regions.

This is really annoying and doesn't work well when you travel, if you have to work on company VNPs then geoblocks really suck.

Hopefully there should be soon an improvement in the EU where European Commission’s Digital Single Market strategy should introduce portability rules for travelling customers which means the content of services like Netflix will be same in different countries.

But you don't have to wait, there is a way how to bypass geoblocks even today. Many companies around offer VPNs where you can bypass it by tunnelling through the VPN to the destination country. But this is not free and personally I don't like it when an unknown third party can fully monitor my traffic.

My solution is similar but slightly different. Instead of using commercial VPNs I use my own VPN hosted on AWS. You can use any of AWS regions and choose in which country you virtually sit.

Even better is that AWS offers free tier for new customers which means that you can run your VPN 750 hours for free (or almost free).

To build your VPN these steps are required:
  • Setup EC2 instance (Ubuntu)
  • Install OpenVPN server on EC2 instance
  • Create user account on OpenVNP server
  • Setup OpenVPN client

Create AWS EC2 instance

Choose AIM type - Ubuntu Server 16.04 LTS
Select instance type - t2.micro (Free tier eligible)

Configure Security groups
SSH on Port 22 - better is to restrict it to static IP address
Custom UDP on port 1194 (source means opened to everybody)

Launch instance and select existing or new SSH keys

Allocate elastic IP address
Attach elastic IP address to instance (public IPv4 address)

OpenVPN server setup

To setup the OpenVPN server is easy, follow the description on this site, the trick is to use handy script which does it all for you

  wget -O  

then run the script


Installation script asks for the IP address, provide public IP address of your instance;
Choose UDP on port 1194
DNS resolver - up to you, Cloudflare dns recommended
and choose the client config file name

If it all goes well, you will see a similar output with the client configuration saved in the file.

On your phone, desktop, tablet install the OpenVPN client and use the generated config file.

That's everything, no more configuration needed. If you need more users, just run the script again and you can create additional VPN users.


Now your public IP address will be same as your EC2 instance in your selected region (country).

To save money, if you are not on a free tier, you can start the VPN server (EC2 instance) only when you are using it.
On the free tier you will be charged only for network traffic and elastic IP, but we talk about pennies not pounds here.


Post a Comment