In this tutorial, I will be going through the steps on how to setup a Raspberry Pi VPN server using the OpenVPN software. I will also go into setting up various things you must do to ensure that your connection is as secure as possible by setting up encryption keys.
This can be a bit of a long process, but it is a relatively simple tutorial to follow, and shouldn’t require any extra interaction once it has been configured.
Using a Raspberry Pi is a cheap way of setting up a virtual private network (VPN) that can stay online 24/7 without consuming a large amount of power. It’s small and powerful enough to handle a few connections at a time making it great for private use at home.
VPN’s are an incredibly useful network tool that can allow you to gain access to encrypted and secure internet traffic even when you are utilizing public Wi-Fi.
As an added bonus, you can also use it to allow yourself to connect to your own computer and access the home network. This allows your other devices that are located outside your local network to act as if they were on the local network of the VPN Server. For example, if you had a network attached storage server that you wanted to access whilst away then a VPN server will be extremely handy in achieving a secure way to access it.
Below are all the bits and pieces that I used for this Raspberry Pi VPN server tutorial, there is nothing super special that you will need to be able to complete this.
Raspberry Pi 2 or 3
Getting prepared for your VPN server
Before we get started with setting up the Raspberry Pi VPN server there is a few things we must go over to ensure that you are ready to set it up and use it.
Firstly, for this tutorial it’s important to know that I am using a clean version of Raspbian. If you haven’t installed it and would like to learn how then my guide on installing Raspbian is extremely handy if you’re new to all this.
For starters, make sure you actually do need a VPN before you start setting this up, as it can act as a gateway into your home network.
If you do intend on using a VPN make sure all the computers on your home network are secure, and that you aren’t sharing anything within your local network that you wouldn’t want someone gaining access to.
Preparing your VPN Server’s IP Address
It’s important to decide whether you are going to make use of a static IP address or a dynamic IP address, setting up a VPN for a static IP address is a rather simple process and requires no extra work.
However, if you want to utilize a dynamic IP address you must make use of a dynamic DNS service.
If you choose to go down the dynamic DNS service route, then you should decide whether you want to make use of your own domain name, or a free one.
If you want to make use of your own domain name, then you can use a service like CloudFlare, if you want to make use of a free sub domain then a service such as no-ip.org will be useful for you.
You can check out our guide on setting up your Raspberry Pi for Dynamic DNS for more information.
Remember the domain name that you set up for either Cloudflare or no-ip.org as you will need this later on in the tutorial.
Port Forward for your Raspberry Pi VPN
The third important thing that you will need to get done before you start setting up your Raspberry Pi is to port forward for the OpenVPN software.
The default port you need to forward is 1194, however we recommend port forwarding a different port and using that instead to try and avoid open port scans on your home network. Remember the port you set as you will need this later on in the tutorial. The protocol you will have to make use of for this port is UDP.
If you are unsure on how to portforward on your router, we recommend looking your router up over on port forward.
Installing the VPN Server
1. Setting up a Raspberry Pi VPN Server can be quite a complicated process, normally you would have to install the software, generate the encryption keys, add the port to the firewall, set the Pi to keep a static IP address and much more.
Luckily for us there is a much easier way to setup a Raspberry Pi VPN server thanks to an install script called PiVPN, this handles all the grunt work for setting up a VPN and reduces the potential for making mistakes.
Before we get started, we should first change the password of the default pi user, this is to ensure if someone managed to gain access to your VPN they wouldn’t be able to access your Raspberry Pi easily.
For more detail: Raspberry Pi VPN Server: Build Your Own Virtual Private Network