For a cheaper option that you control, you can set up an OpenVPNserver on a Raspberry Pi (or certain routers) and use your own home internet connection as a VPN while you're out and about.
Oct 11, 2019 The Raspberry Pi is a single-board computer device used for many interesting projects. It’s a small board that get you big results if used properly. Raspberry Pi runs on a Debian based Linux distro called Raspbian. The Pi was originally intended to be a microcomputer to teach children coding.
Jul 11, 2020.
This tutorial shows how to setup NordVPN or any other openvpn based vpn service access point on a Raspberry Pi and share this VPN connection with all of other devices under the LAN (Local Area Network). In other words, we will turn a rapberry pi to a VPN access point.
The advantage of a VPN access point is that, the whole internet traffic of any device in the LAN will be encrypted using one VPN client only. Thus, no need to install many vpn clients in all devices in the network.
Prerequisites
Raspberry pi 3 inclusive microSDHC 8GB (at least) and Micro USB Power Adapter 2A – 5V .
ssh access to the raspberry pi, or connect the raspberry to a Screen or TV using HDMI cable in order to see the commands run for the installation.
USB mouse and keyboard.
Raspbian operating system installed on the microSDHC. Usually, Raspbian should be already installed on the microSDHC card, if purchased together with Raspberry Pi. If it is not the case, you can install it like described in this link.
OpenVPN based VPN service. In our example, we are using NordVPN.
Prepare raspberry pi for VPN installation
First,we will need to switch to the root user and upgrade raspbian operating system using the following commands.
sudo su
apt-get dist-upgrade
apt-get update && apt-get upgrade
Then, configure your network to give raspberry pi a static IP address. There are two ways to do that:
Setup the router to give raspberry pi a static IP address using the MAC address, or configure raspberry pi for a static IP address. Personally, I have setup the router to give raspberry pi always the same IP address based on its MAC address.
Download and install VPN client in the raspberry pi
Install OpenVPN client using the following command:
apt-get install openvpn -y
change the current working directory to /etc/openvpn, where we will save all staff of VPN access point, using the following commands.
cd /etc/openvpn
Create and edit the VPN authentification file with the following command:
OpenVPN will be configured to use this file to authenticate with your account by NordVPN.
Select on the keyboard “Ctrl”, “O” then “ENTER” to save your changes, and select “Ctrl”, “X” to exit the editor.
Download the OVPN configuration files for NordVPN
Go to https://nordvpn.com/ovpn
Download the server configuration files needed for your setup. You can use the “wget” command followed by the link of the chosen server configuration file, or download the configuration file and copy it to the folder /etc/openvpn. Please replace the https link used in the following command with the link of your desired sever configuration file. This link can be copied from https://nordvpn.com/ovpn:
For easy use of the downloaded server configuration file, you can rename the downloaded file to a shorter name using the “mv” command:
Setup the VPN Access Point
Open the downloaded server configuration file using “nano” editor. Please replace the name of the configuration file in this example with the name of your configuration file:
nano de775TCP.ovpn
Within the opened server configuration file, search for the word “auth-user-pass” and add the path to your authentification file, where you have written the login and password of your NordVPN account like following:
Now, you can test if OpenVPN is making a successful connection to NordVPN server.
To do that, run the following command:
openvpn –config “/etc/openvpn/de775TCP.ovpn”
Replace “de775TCP.ovpn” with the name of your configuration file.
If you get an output like this:
you have made a successful connection to a NordVPN server.
To stop the currently running process press CTRL + C.
Best Free Vpn
To be able to move traffic between our local area network and virtual private network, we need to enable Route Forwarding. To enable it, we have to edit the sysctl.conf file and make the following change:
nano /etc/sysctl.conf
Find the line “#net.ipv4.ip_forward =1” and remove “#”
Select on the keyboard “Ctrl”, “O” then “ENTER” to save the changes, and select “Ctrl”, “X” to exit.
Enable the service by running the following command:
sysctl -p
Now, we need to reroute the eth0 traffic through our VPN tunnel using iptables. First we have to flush out our current iptables using the following three commands:
iptables -F
iptables -t nat -F
iptables -X
Then, run the following command to forward all eth0 traffic over the VPN tunnel connection.
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
Now, we need to save our iptables settings, otherwise this settings will be lost after reboot. For that we have to download and install IPtables-persistent. During installation, many questions will be displayed and have to be confirmed.
Rpgmaker xp torrent mac. apt-get install iptables-persistent
Use the following command to save the iptables settings.
netfilter-persistent save
Now, let’s start the routing rules. After that, the Raspberry Pi should be able to route traffic between the local area network and virtual private network.
systemctl enable netfilter-persistent
We need to start our VPN automatically after starting raspberry pi. For that, create a new file “vpn.sh” using the following command:
Replace “de775TCP.ovpn” with the name of your configuration file.
Select on the keyboard “Ctrl”, “O” then “ENTER” to save the changes, and select “Ctrl”, “X” to exit.
Make “vpn.sh” executable. For that, run the following command:
chmod +x /home/pi/vpn.sh
Edit the file /etc/rc.local and copy “/home/pi/vpn.sh” into the file before “exit 0” as shown in the following example.
Raspberry Pi Install Vpn Unlimited On Kodi
nano /etc/rc.local
Select on the keyboard “Ctrl”, “O” then “ENTER” to save the changes, and select “Ctrl”, “X” to exit.
Restart raspberry pi using the command “reboot” and check if VPN tunnel is available using the command “ifconfig”.
If VPN tunnel is available, ifconfig should have an output similar to the following:
Inoder to let any device in the network to connect with VPN, you have to enter the LAN IP address of the raspberry pi into the Standardgateway of the network configuration of the device, like configured in the following example:
Please note that I am using this raspberry pi also as DNS filter for parental control. For that, the same IP address is entered into the field of DNS Server on the example above.
If you did not installed a DNS server on the raspberry pi before, you can write the following DNS server IP addresses on the network configuration window: DNS server1: 8.8.8.8, DNS server2: 8.8.4.4
Enjoy!
Share this:
ⓘ This article may have been partially or fully translated using automatic tools. We apologize for any errors this may cause.
This article follows the article released last week on the establishment of a personal seedbox. Indeed as suggested at the end of the article, it can be very interesting to make the Internet traffic of your seedbox anonymous through the use of a VPN. This article will nevertheless be useful to all those who wish to remain anonymous on the internet.
What is a VPN?
To remain simple, a VPN is a technology that allows to create a secure and anonymous connection between its user and its Internet browsing. This is made possible by the creation of a tunnel encrypted between the user’s computer and private networks elsewhere in the world. The user will therefore go out on the public networks with the IP address of the private networks to which he is connected and not his own.
How to choose a good VPN?
A VPN differs from the competition by several criteria. Price, speed, log retention, security, protocol used are the main ones. For this tutorial we will use the one that we consider the best of the market namely IPVanish. If we take the criteria mentioned just before, today it is the one that offers the best bandwidth and therefore the best speed, This means that your connection will absolutely never bridled because of the VPN. Moreover, it does not retain any logs which ensures total anonymity, the protocol used is simple to use and its price is very affordable. And if you look at the security side, the connection is encrypted in AES 256, in short, that good !
We strongly advise you to use IPVanish too as it will be simpler for you to follow our tutorial.
You should know that there are free VPNs. However we strongly advise against them because they are very restrictive. You are often very limited in connection speed and / or amount of data. Moreover the majority of free VPNs do not accept and block the protocol peer to peer what for a seedbox for example is very disturbing!
Implementation of IPVanish
IPVanish is a vpn that uses the openVPN protocol and its installation is simple! First, run the following command to install openVPN on your Raspberry Pi
Next, you should avoid openVPN starting when the Raspberry Pi starts. To do this, execute the following command:
Openvpn Raspberry Pi
We will now prepare the Raspberry to receive the IPvanish files. Simply create a folder that should only contain IPVanish files. You can put it in your user’s folder. We will take for the example the basic user pi
Now that the folder is created, we will be able to download the openVPN configuration files from IPvanish. You can find the configuration files at http://www.ipvanish.com/software/configs/ . Please note that you must download at least two files. The file with the extension “crt” which corresponds to the certificate that will allow you to connect to the vpn and a file with the extension “ovpn” which will determine the ip that will have your Raspberry Pi on the public networks. You can find the location of the IP in the file name.
As part of this tutorial, we will download all files that are located in compressed folder configs.zip.
Once all the files are downloaded we can launch the VPN with the command
Replace the server with the destination of your choice. For example if you want to have an IP address in Stockholm just use this command
All you have to do is fill in your IPvanish credentials and your Raspberry is completely anonymous.
It is possible that like us, during the first attempt you have this error: ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
To fix it, you just have to restart your Raspberry Pi. And re-launch the vpn
If you want to check the good behavior of the VPN, you can run the following command from another SSH connection to not turn off the VPN
You will see that the IP of your Raspberry Pi will be different from that of your computer which you can verify by going to the address http://ipecho.net/ .
Launch the VPN in background task
As you probably notice, if you followed our tutorial to the letter, the VPN is not launched in background task and as soon as we leave the session SSH, the VPN stops what is not very practical . We will remedy this by launching the VPN via a screen.
What is a screen?
To simplify, screen is a command that allows to launch terminals on the server and thus to keep them if the SSH connection is cut. They can be found during a future connection. This will allow us never to close the terminal in which the VPN will be launched, and thus to be able to find it even by starting a new SSH connection.
Setting up the screen
It is necessary to first cut the execution of the VPN if it is running.
Raspberry Pi Install Vpn Unlimited Free
We will install the screen command on the Raspberry Pi if you do not have it yet.
Now let’s create a screen that we will call “vpn”. This will allow us to easily find it during a future connection.
This command will create the terminal and directly attached us to it. We can therefore launch the vpn
It’s over, now if you cut the SSH, the VPN will still turn. During a future SSH connection you can find it using the command
Install Vpn Unlimited On Raspberry Pi
So here you are with a perfectly anonymous connection and so keep your privacy what good news ?