Connect to PSO2 with JP Amazon EC2, Free(12mo) & Private SSH Tunnel and IP!

[Esofor]

I've been trying to set up pptpd using this guide in the meantime:

http://www.yzhang.net/blog/2013-03-07-pptp-vpn-ec2.html

Edit: I've been able to connect with the vpn connection in windows but I think I've got the IP addresses wrong as I can't access the internet when it does connect.

The one thing the in the guide I'm unsure about are the local and remote ips. I've tried using the AWS EC2 IP for the localip and I've tried using the same EC2 IP with a range for the remoteip, along with changing the remoteip to my own IP address but neither seems to work.

I got the pptpd vpn to work, but is there any way to only let PSO2 use it? All my traffic is going through the tokyo instance now and even if I wanted to put up with the slower speeds eventually I'm going to get charged like this for using so much data.

Turning it off after logging in is an instant 630 unlike proxycap.

how did you get internet access on your aws vpn? i seem to have everything in order, but i can't access the internet. skype seems to go through, but that's not what i'm aiming for lol

edit: nvm, it appears that i just needed to uncomment a few lines

edit2: have you tried tehfusion's split tunnelling guide? http://www.reddit.com/r/PSO2/comment...os_isp/ciysusf
for some reason split tunnelling doesn't work for my instance, even if the vpn itself works

[Ana-Chan]

how did you get internet access on your aws vpn? i seem to have everything in order, but i can't access the internet. skype seems to go through, but that's not what i'm aiming for lol

edit: nvm, it appears that i just needed to uncomment a few lines

edit2: have you tried tehfusion's split tunnelling guide? http://www.reddit.com/r/PSO2/comment...os_isp/ciysusf
for some reason split tunnelling doesn't work for my instance, even if the vpn itself works

Split tunnelling requires two things. First to not use the VPN's default gateway, this allows all internet traffic to go through your regular internet connection. Second, to manually set the route for certain addresses to go through the VPN.

As an example, I have my VPN connected and it is not using the VPN default gateway. If you run netsh interface ipv4 show route you get something like

Code:

C:\Users\xxx>netsh interface ipv4 show route

Publish  Type      Met  Prefix                    Idx  Gateway/Interface Name
-------  --------  ---  ------------------------  ---  ------------------------
No       Manual    256  0.0.0.0/0                   3  192.168.0.254
No       System    256  127.0.0.0/8                 1  Loopback Pseudo-Interface 1
No       System    256  127.0.0.1/32                1  Loopback Pseudo-Interface 1
No       System    256  127.255.255.255/32          1  Loopback Pseudo-Interface 1
No       Manual    1    172.31.0.0/16              27  172.31.0.100
No       System    256  172.31.0.105/32            27  VPN Connection
No       System    256  192.168.0.0/24              3  Ethernet
No       System    256  192.168.0.2/32              3  Ethernet
No       System    256  192.168.0.255/32            3  Ethernet
No       System    256  224.0.0.0/4                 1  Loopback Pseudo-Interface 1
No       System    256  224.0.0.0/4                 3  Ethernet
No       System    256  224.0.0.0/4                 5  Bluetooth Network Connection
No       System    256  224.0.0.0/4                27  VPN Connection
No       System    256  255.255.255.255/32          1  Loopback Pseudo-Interface 1
No       System    256  255.255.255.255/32          3  Ethernet
No       System    256  255.255.255.255/32          5  Bluetooth Network Connection
No       System    256  255.255.255.255/32         27  VPN Connection

The first entry "No Manual 256 0.0.0.0/0 3 192.168.0.254" is the one that routes everything through your regular internet connection. There should be another interface for your VPN connection that is clearly marked. Windows 8.1 names them VPN Connection by default.
For the VPN connection, there are two things to look out for. First is the index of the VPN connection, second is the gateway of the VPN connection. This routing table gives the index of the connection, but the best way to confirm is to run the command netsh interface ipv4 show interfaces, and it will give output similar to:

Code:

C:\Users\xxx>netsh interface ipv4 show interfaces

Idx     Met         MTU          State                Name
---  ----------  ----------  ------------  ---------------------------
  3          10        1500  connected     Ethernet
  1          50  4294967295  connected     Loopback Pseudo-Interface 1
 27          10        1400  connected     VPN Connection
  5          40        1500  disconnected  Bluetooth Network Connection

Now the important interface is the one with the name VPN Connection. Your interface may not be named that, but it should be distinguishable. To the left is the index, in this case 27. This is not a constant value, this changes on a machine to machine basis. Now we have this, we can look at the routing table again for the VPN gateway.
There should be an entry similar to "No Manual 1 172.31.0.0/16 27 172.31.0.100" in the table. The fourth column is the addresses that it will send to the VPN, in this case, all addresses starting with 172.31, the fifth column is the index of your interface, and the last column, in this case 172.31.0.100, is the VPN gateway. This is what you need to set up the split route. If you add entries to the routing table to send certain entries down there instead, you can set it up to only forward the PSO2 IP addresses to the VPN.
So if you now run the command netsh interface ipv4 add route 210.189.0.0/16 <VPN Connection Index> <VPN Gateway> Metric=5 then it will set the PSO2 block to route through the VPN and leave everything else go through your regular connection. So in my case

Code:

netsh interface ipv4 add route 210.189.0.0/16 "VPN Connection" 172.31.0.100 Metric=5

If you then print the routing table

Code:

C:\Users\xxx>netsh interface ipv4 show route

Publish  Type      Met  Prefix                    Idx  Gateway/Interface Name
-------  --------  ---  ------------------------  ---  ------------------------
No       Manual    256  0.0.0.0/0                   3  192.168.0.254
No       System    256  127.0.0.0/8                 1  Loopback Pseudo-Interface 1
No       System    256  127.0.0.1/32                1  Loopback Pseudo-Interface 1
No       System    256  127.255.255.255/32          1  Loopback Pseudo-Interface 1
No       Manual    1    172.31.0.0/16              27  172.31.0.100
No       System    256  172.31.0.105/32            27  VPN Connection
No       System    256  192.168.0.0/24              3  Ethernet
No       System    256  192.168.0.2/32              3  Ethernet
No       System    256  192.168.0.255/32            3  Ethernet
No       Manual    5    210.189.0.0/16             27  172.31.0.100
No       System    256  224.0.0.0/4                 1  Loopback Pseudo-Interface 1
No       System    256  224.0.0.0/4                 3  Ethernet
No       System    256  224.0.0.0/4                 5  Bluetooth Network Connection
No       System    256  224.0.0.0/4                27  VPN Connection
No       System    256  255.255.255.255/32          1  Loopback Pseudo-Interface 1
No       System    256  255.255.255.255/32          3  Ethernet
No       System    256  255.255.255.255/32          5  Bluetooth Network Connection
No       System    256  255.255.255.255/32         27  VPN Connection

So you can now see the PSO2 block going through the VPN gateway and the metric has to be lower than the regular connection, otherwise it will go through the regular connection.

[Nulve]

So, how much will AWS cost after the free trial runs out?

[Ana-Chan]

The way it works is, with the on demand instances you get charged per hour. The amount you get charged depends on region and Operating System.
Since the guides around here generally use a Linux based server, for the Tokyo region, that would be $0.02 per hour. If you run it 24/7 then that would possibly end up under $15 a month. (31 day months would be 744 hours, $14.88, 30 day months would be 720 hours, $14.40).
If you shut down the instance when you are not using it then obviously you won't be charged for the time it is idle. But I think they then round the hours up to the next full hour.
If you also transfer data then you could get charged for that. You get 1GB of data transfer out for free, and if you use PSO Tweaker to do the updating then you only need to worry about data transfer costs. The data transferred by PSO2 is also pretty small so normally you shouldn't have to worry about it. If you go above 1GB, then it is $0.201 per GB.

[holmwood]

The way it works is, with the on demand instances you get charged per hour. The amount you get charged depends on region and Operating System.
Since the guides around here generally use a Linux based server, for the Tokyo region, that would be $0.02 per hour. If you run it 24/7 then that would possibly end up under $15 a month. (31 day months would be 744 hours, $14.88, 30 day months would be 720 hours, $14.40).
If you shut down the instance when you are not using it then obviously you won't be charged for the time it is idle. But I think they then round the hours up to the next full hour.
If you also transfer data then you could get charged for that. You get 1GB of data transfer out for free, and if you use PSO Tweaker to do the updating then you only need to worry about data transfer costs. The data transferred by PSO2 is also pretty small so normally you shouldn't have to worry about it. If you go above 1GB, then it is $0.201 per GB.

You can use vpn when patching no?

There's no way you'll be running it 24/7 so the overall cost should be dirty cheap.

[Ana-Chan]

You can, I was just giving the minimum possible cost. I was just assuming that people would prefer to use the tweaker to not pay for what they can avoid using.

[tehfusion]

Do keep in mind though that if you stop the instance when you aren't using it, the IP address will normally be different when you next start it. Starting and stopping your instance regularly will result in you having a lot of different IP addresses, and as Ana-Chan said, if you run an instance for less than an hour it will still be counted as a full hour.

You can set up an EIP (Elastic IP Address) to maintain a single IP address, but that is only free when the EIP is associated with a running instance. If you have an EIP and the instance is stopped, then you'll be charged for the EIP instead. In that case, you'll be charged $0.005 for the EIP per hour when the instance is not running.

Alternatively, you could try to set up a completely new account to get another year in the Free Tier. I've heard of people doing that successfully using false information and prepaid cards. It probably wouldn't be good if you got caught doing that, though.

[Xaeris]

how did you get internet access on your aws vpn? i seem to have everything in order, but i can't access the internet. skype seems to go through, but that's not what i'm aiming for lol

edit: nvm, it appears that i just needed to uncomment a few lines

edit2: have you tried tehfusion's split tunnelling guide? http://www.reddit.com/r/PSO2/comment...os_isp/ciysusf
for some reason split tunnelling doesn't work for my instance, even if the vpn itself works

Do you remember which lines you had to uncomment? I appear to be having a similar problem. I've made the edits to the pptpd file as best I can using the directions and the VPN I have set up in windows is able to connect, but the resulting connection is dead.

Edit: Nevermind, got it. For now.

[Shinamori]

I havent been able to get fusion's methoc to work.

[Ana-Chan]

Do you remember which lines you had to uncomment? I appear to be having a similar problem. I've made the edits to the pptpd file as best I can using the directions and the VPN I have set up in windows is able to connect, but the resulting connection is dead.

Edit: Nevermind, got it. For now.

Just to clear something up, the route that the guide gives is a bit too specific. It only forwards addresses in certain ranges, but I have seen PSO2 use more addresses than that. As an example, the patcher is at 210.189.209.19, since that guide only forwards 210.189.209.8 from that subnet then the patcher doesn't work.
This is why, in the little addition I posted above, I forwarded everything in the 210.189.0.0 subnet to the VPN. This gets around all of the problems. It may forward some extra connections, but I find that better than not being able to forward some.

I havent been able to get fusion's methoc to work.

You would have to go into more details about how it isn't working.