How to secure your connection to the outside world with a DIY VPN

Creating your own VPN on a Raspberry Pi is a relatively straightforward process, involving numerous steps. We’ve put together a short guide that’ll walk you through installing an OS, setting up the VPN, creating users, and logging in using your favorite client.

Products used in this guide

How to build your own VPN with Raspberry Pi

Configuring your own VPN is a great way to save a little on a monthly subscription while getting to know the ins and outs of how it all works by setting it all up. This route does come with some risks, however. Since this server will be running on your home network and will be accessible from outside, you’ll need to make sure everything on your LAN is secure.

Installing the Raspbian OS

  1. Download Raspbian OS ISO.
  2. Write the ISO file to your SD card, using an app like Rufus.
  3. Insert the SD card into the Raspberry Pi.
  4. Plug in your favorite keyboard and mouse.
  5. Follow the installation wizard.
  6. Upon completion, ensure the OS is secured with a password.
  7. We’ll also need to set a static IP for the VPN server to use. Edit /etc/dhcpcd.conf and set static ip_address to one not used by any other device on the network. Here’s an example of what may be present:
    • interface eth0
    • static ip_address=192.168.1.30/24
    • static routers=192.168.1.1
    • static domain_name_servers=192.168.1.1
  8. Save the file.
  9. If you have a static external IP from your ISP you can move onto installing the VPN, but if your ISP provides a dynamic IP address (as in it changes every now and then to a new value), follow this excellent guide on PiMyLifeUp on setting up DNS on Raspbian OS.

Installing a VPN

  1. Install PiVPN by pasting the following command into the terminal (and hit enter):

    curl -L https://install.pivpn.io | bash

  2. Run pivpn by typing it into the terminal.
  3. Follow the wizard.
  4. Hit Yes on the static IP address confirmation screen.
  5. Hit OK.
  6. Hit OK.
  7. Choose your user, hit OK.
  8. Hit OK.
  9. Choose Yes to enable automatic upgrades. (Highly recommended.)

    PiVPN Install

    Source: Windows Central

  10. Choose UDP and hit OK.
  11. Enter a random port number not already used by another network service and hit OK. (We recommend setting a custom port to better enhance security against potential scans and attacks.)
  12. Confirm your port number by hitting Yes.

    PiVPN Install

    Source: Windows Central

  13. Choose 2048-bit encryption and hit OK. (You can use 4096, but this would affect VPN performance.)
  14. Hit OK and wait a while for various VPN-related things to be installed and configured.
  15. Hit Yes when the installer asks you to use OpenVPN 2.4 if you know your favorite client supports it.
  16. Choose DNS Entry and hit OK. (Leave on public IP if you have a static IP address and did not set up DNS for external access.)
  17. Enter the custom DNS name for the VPN server.
  18. Choose a DNS provider.
  19. Hit Yes to reboot the Raspberry Pi.

Adding a user to the VPN

  1. Run the following in the terminal: sudo pivpn add
  2. Enter an identifying name for the user.
  3. Set a secure password.
  4. Now you need to copy the .opvn files stored in /home/pi/ovpns to devices you wish to connect to the VPN. You can think of these as certificates. Use a USB to take them off the Pi or connect to the device using an SFTP client like FileZilla.
  5. Provided with the password and .opvn file, users will now be able to connect to the VPN.

Connecting to the VPN

  1. Download the OpenVPN client, or you can use your favorite alternative.
  2. Set up a new connection by importing the .opvn file and entering the user password.
  3. Connect, and you’re now good to go!

We test and review VPN services in the context of legal recreational uses. For example:

1. Accessing a service from another country (subject to the terms and conditions of that service).
2. Protecting your online security and strengthening your online privacy when abroad.

We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.

We may earn a commission for purchases using our links. Learn more.

Leave a Reply

Your email address will not be published. Required fields are marked *