How to start a VPN service to share high-speed internet connection with 10 to 100 clients?

Question

I am thinking of running a non-profit project to help those people living in dictatorship countries where governments block and filter 99% of the Internet and its services such as Skype, IMs, etc...

I am not a pro by any means but from what I understand using VPN connection to outside world is the only secure and reliable solution for both the host and the client at this time.

My question is:

How can I start a VPN service and share my high-speed DSL/Cable connection with lets say 10 to 100 clients?

My current internet connection has a upload speed of 1Mbps and Download Speed of 10Mbps. I know that sharing 10Mbps with that many users means very little bandwidth for each of them but not all users go online at the same time and even if they do, the average internet connection speed in countries such as Iran is between 50kbps to 100kbps at its best so I would be able to still provide them with a free, no filtered, no censored connection at an average speed.

What type of equipments do I need to do this properly and make sure people get a secure VPN connection to my internet line without giving them access to my personal hard drive.

I would appreciate it if someone could explain to me two different options. Option 1: a simple, free solution. (probably a open source or free software VPN server)

and Option 2: a more advanced option that doesn't require much configuration and maintenance. I don't mind donating up to $200 to some kind of may be hardware or something that I could attach to my cable modem and let it serve users in those countries.

For Option 2: I am thinking of purchasing a second high speed internet connection line and dedicate it to VPN internet sharing.

Users should be able to surf the internet, use Skype (which is currently blocked), use ftp, torrent, access youtube, etc... basically the solution should not be limited to internet surfing only. I want these vpn users to be able to take advantage of all type of internet services and ports that are currently available to most of us, so that they can enjoy a little bit of a freedom.

Thank you all for your support and comments in advance.

Answer 1

While many alternatives exist, First you have to consider your internet speed, your computer speed, and availability of your service.

Internet Speed: Remember that when they want something, you have to download it first then upload it to them. 1 Mb/s up will run out quickly. If you're serious then you're going to need something a little faster on the upstream, maybe a symmetrical connection?

Computer Speed: I'm not familiar with all the specifics of VPN, but you do want to make sure your computer can handle 10+ open VPN connections at the same time. My wild shot in the dark says that if you have less than 2 GB RAM and something older than a Intel Core 2 Duo, you can't technically do it.

Availability: You have to consider this: Your service gets blocked. The issue here is that you need something that changes or has a lot of redundancy AND your clients still know how to access it. This is actually very hard to pull off. If you make your IP randomly change, how would your clients be able to get to you? If you try to solve this by a domain, what if the domain and its resolved IP address gets blocked? The only way I can think of to solve this is with multiple internet connections (very expensive) or with multiple "gateways".

---

In short, your one man army approach, while I admire it, might not last for a long time. The programs above solve this by having large networks of computers, and a massive hardcoded list of gateways that point to other computers. This way, if an IP gets blocked, there is still a lot of redundancy and the list is simply updated in the next release. Speed isn't an issue since it's distributed to thousands of clients, using their internet and their computing power. They have redundancy, speed, and availability; most of which you simply don't have.