Open VPN: The great piece of our remote connectivity puzzle is how to access our Pi when you are out of your home. I thought it was better to share this because it’s free and easy to set up. If your router provides VPN services on its own, then you might consider that option. If you don’t have that option, then an open VPN is a good option you might consider. In this tutorial, we are going to cover Step by step procedures to set up an Open VPN on Raspberry Pi.
Setting up a VPN is not an easy task for those who have no or little knowledge about the networks. Don’t worry; there is an easy solution for this. PiVPN. PiVPN is an automated script that allows you to set up an Open VPN in a very easy way. This project, in particular, was started by 0-kaladin and began from the code by StarshipEngineer to help to install OpenVPN on a raspberry pi as simple as it can be.
Time needed: 10 minutes.
How to set up Open VPN on Raspberry Pi?
- Let’s begin the installation by issuing the command on the terminal:$ curl -L https://install.pivpn.io | bash
Pi starts downloading and installing the required packages from the internet.
- The script will ask you to answer a few simple questions to set up a VPN. First, it asks to set up the static IP address and hit yes.
- Set up a user which serves as a service account. Pi user is just fine to continue this.
- Choose a user for Pi
- Next is a very important decision to make. PiVPN initially supported OpenVPN. Now, it started supporting WireGuard, another VPN solution, which is started gaining popularity, but it isn’t close to the universe and support as much as Open VPN. We are choosing OpenVPN for this demonstration.
- The script will take a couple of minutes to download and install the packages.
- In the next step, it asks to set up the port and protocol information. It is just fine to go with the default, which is UDP with 1194.
- Next, it asks you to select the DNS Provider of your choice. We are selecting CloudFlare to demonstrate.
- Just take the default No here in Custom Search Domain.
- Supply the DNS name
- Accept the few default options and let the script generate the server and hash-based message authentication code or HMAC.
- Select the ECDSA certificate size
- In the end, it suggests enabling the auto upgrades to fetch security updates. We let this option for you to decide.
- Select ‘Yes’ if you want to download the upgrades the security patches
- If you had selected yes to unattended-upgrades. It downloads a few more things. And, that’s it. You are going to see an installation complete message on your window. Your Open VPN is installed and almost ready to use. The only thing left is to reboot and add VPN clients.
- After rebooting the Pi, open the terminal and type pivpn, a new command which allows adding new clients. See the comprehensive list of options for this new command.
- Pass the -a or add parameters to the pivpn command to add a new client. And enter the new client name and password for it.
- Set the password for the client
- Once done, a new file Mel.ovpn will be created under the /home/pi/ovpns/ which needs to be imported to the client.
- You should need to setup the port forwarding on your internet router as well. As we don’t know what router you have, we kept this out of the topic and let you configure this on your router. We suggest you to check your router’s user manual to know about port forwarding on your router.Once you find the port forwarding options on your router, enable it and create a new port forwarding rule. Enter this information in the rule. Service port and internal port should be 1194, fill Pi’s IP in the IP address, Protocol should be UDP, and that’s all; save these settings to your new rule.
- Download the client application for your operating system from the Open VPN site and Install it on the client machine.
- Open the client application go to import files, and browse the ovpn file to import. It may ask to enter the password. Enter the password you entered in the previous step. After a successful connection with the VPN server. You are going to see a new IP address from the VPN server.