Bypassing Captive Portals/Airport Pay Restrictions with Iodine on a Debian VPS Guide

This guide is intended for those who want to set up a Iodine on a Debian or Ubuntu VPS. Lots of time has been spent through trial and error trying to figure it out. Insight and portions of this guide have been taken http://code.kryo.se/iodine/.

Server Setup:

1. Run one of the following scripts on your server below.
SSH into your server/VPS and run one of the below scripts:

1a. Ubuntu only installation!

cat >> /etc/apt/sources.list <<END
deb http://archive.ubuntu.com/ubuntu natty main restricted universe
END
apt-get update
apt-get -t natty install iodine
sed -i '$d' /etc/apt/sources.list

1b. Debian only installation!

cat >> /etc/apt/sources.list <<END
deb http://ftp.debian.org/debian sid main
END
apt-get update
apt-get -t sid install iodine
sed -i '$d' /etc/apt/sources.list

2. Set up your DNS:
I used Namecheap FreeDNS for this example (as it requires no software installation, nor resources).
Point your domain (any domain is fine, even a free one like .co.cc or .tk) to NameCheap’s FreeDNS service. The nameservers are:
freedns1.registrar-servers.com
freedns2.registrar-servers.com
freedns3.registrar-servers.com

co.cc settings page

3. Point your DNS to your VPS:
You must fill in the IP Address box to point to your VPS/Linux server
The hostname “iodine” must point to your domain. For example it would be “tunnel.yourdomain.com” as a NS Record.

You can check if your DNS settings are valid at http://code.kryo.se/iodine/check-it/

Enter in the A record into the box (the one that is tunnel.yourdomain.com)

NameCheap DNS page

4. Launch iodined on your server:
Make sure you have TUN/TAP enabled with your VPS provider, and also that nothing else is using it (eg. OpenVPN)

Launch iodined through SSH with a command like this:

iodined -c -f 10.0.0.1 -P yourpasswordhere iodine.yourdomain.com

Make sure to replace the password “yourpasswordhere” with your own. You must use this password for the client as well. Also make sure to replace the domain to your own.

It should return an output like this:

Opened dns0
Setting IP of dns0 to 10.0.0.1
Setting MTU of dns0 to 1130
Opened UDP socket
Listening to dns for domain iodine.yourdomain.com

Client Setup:

5. Install the TAP Adapter:
Go to http://openvpn.net/index.php/open-source/downloads.html and download the newest installer for Windows. While going through the installation wizard, make sure you only select the line that says “TAP Virtual Ethernet Adapter” as shown below.

OpenVPN Install page

6. Download the Iodine client to your computer:
The current version is 0.6.0-rc1. You can find newer versions the project homepage in the future.

7. Extract the Iodine client:
You can use a program like 7-zip. Extract it to your desktop for ease of access.

8. Connect your computer to your server with iodine:
Open up the command prompt and type in:

iodine -f -P yourpasswordhere youriphere iodine.yourdomain.com

Make sure you have changed directory to the iodine folder, and make sure you have replaced the relevant password, IP, and domain to match your server settings.

The console output should look something like this:
Opening device Local Area Connection 2
Opened UDP socket
Opened UDP socket
Opened UDP socket
Sending DNS queries for iodine.cwaffles.co.cc to 74.63.253.53
Autodetecting DNS query type (use -T to override).
Using DNS type NULL queries
Version ok, both using protocol v 0x00000502. You are user #0
Enabling interface 'Local Area Connection 2'
Setting IP of interface 'Local Area Connection 2' to 10.0.0.2 (can take a few seconds)...

Server tunnel IP is 10.0.0.1
Testing raw UDP data to the server (skip with -r)
Server is at 74.63.253.53, trying raw login: OK
Sending raw traffic directly to 74.63.253.53
Connection setup complete, transmitting data.

9. Test if the tunnel works:
Open another command prompt and type in the following:

ping 10.0.0.1 /t

If you get ping responses, then everything is good.

10. Tunnel through SSH (easier than using a web proxy):
Get an SSH client like KiTTY (it’s a revamped version of PuTTY).
Extract KiTTY and add a SSH Tunnel using the settings shown below. Make sure to hit “Add”.

KiTTY settings page

Connect to IP 10.0.0.1 and enter in your login details that you usually use.

11. Get FoxyProxy for Mozilla Firefox or Proxy Switchy for Google Chrome.

Enter in the proxy info as shown below:
FoxyProxy settings page

Set your browser to connect through SSH, and check your IP address at http://whatismyipaddress.com/

Special thanks to InsDel for all the help. Without you, this guide wouldn’t be up :).

Let me know if it works, or if you have any suggestions in the comments!

Bookmark the permalink.