gabriel.rosseel
Posts: 136
Joined: Fri May 05, 2017 8:21 am

VPN

Thu Jan 11, 2018 10:36 am

I would like to install a VPN server on my Raspberry Pi (Raspbian Stretch).
Is OpenVPN a good VPN server or are there better alternatives?
What about a VPN client in Windows: are there VPN clients (build-in) that can connect to an OpenVPN server?
thanks for any answer in advance.

User avatar
neilgl
Posts: 952
Joined: Sun Jan 26, 2014 8:36 pm
Location: Near Aston Martin factory

Re: VPN

Thu Jan 11, 2018 12:56 pm

Yes OpenVPN works on the pi. And you can get Windows (added not built in) and iOS and android clients (apps) to connect to the server.

gabriel.rosseel
Posts: 136
Joined: Fri May 05, 2017 8:21 am

Re: VPN

Thu Jan 11, 2018 1:00 pm

thank you

User avatar
rpdom
Posts: 15187
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: VPN

Thu Jan 11, 2018 9:10 pm

I use OpenVPN on a Pi B+, also Tinc, which is a "mesh" VPN rather than end to end.

davidanderle
Posts: 1
Joined: Wed Feb 07, 2018 4:37 pm

Re: VPN

Wed Feb 07, 2018 4:44 pm

I am curious whether I could connect to an OpenVPN server running on an RPi from Windows 10, using the built-in VPN handler (System settings-->Change Virtual Private Networks (VPN)).

The reason I'm asking is because what I gathered from some tutorials, I need an RSA key to access the OpenVPN server, which the Windows 10 VPN handler does not seem to support.

Segaco
Posts: 2
Joined: Wed Feb 14, 2018 11:10 am

Re: VPN

Wed Feb 14, 2018 12:02 pm

Don't forget to read this comparison.

I also suggest you delve into this introduction to understand it better before you proceed with anything and hide your traffic correctly.

Muntic0re
Posts: 14
Joined: Thu Dec 08, 2016 4:33 pm

Re: VPN

Thu Feb 15, 2018 3:05 pm

What about a proxy? Good private proxy server will hide your true IP address and make the server controlling your target website unable to detect your real address.
Last edited by Muntic0re on Wed Apr 04, 2018 8:46 am, edited 1 time in total.

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23647
Joined: Sat Jul 30, 2011 7:41 pm

Re: VPN

Thu Mar 08, 2018 10:55 am

I've been meaning to write a documentation article on setting up a VPN, but don't really know a lot about it and don't really have time.

So if anyone wants to write something and submit it as a PR, that would be pretty cool.

https://www.raspberrypi.org/documentati ... -github.md

https://github.com/raspberrypi/documentation/issues/599
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
"My grief counseller just died, luckily, he was so good, I didn't care."

User avatar
DougieLawson
Posts: 36106
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: VPN

Thu Mar 08, 2018 12:11 pm

jamesh wrote:
Thu Mar 08, 2018 10:55 am

So if anyone wants to write something and submit it as a PR, that would be pretty cool.
I wrote something in a previous life that could be hacked into submission for Raspberries, except it looks like IBM.com have removed it now. It still shows up in their search engine but the link has died.

https://www.ibm.com/developerworks/comm ... 6_and_ipv6

I'll see what I can do. Last time I tested my OpenVPN was in Australia. It routes both IPv4 & IPv6.

I've got a Portuguese colleague who's got a Raspberry Pi3 as he wants a OpenVPN from his house in Manchester, UK to his other house in Portugal. I've done the bare bones install for that, but we've not yet opened port 1194 on his router or tested it.
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

epoch1970
Posts: 3664
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: VPN

Thu Mar 08, 2018 1:50 pm

jamesh wrote:
Thu Mar 08, 2018 10:55 am
I've been meaning to write a documentation article on setting up a VPN, but don't really know a lot about it and don't really have time.

So if anyone wants to write something and submit it as a PR, that would be pretty cool.
There are so many use cases, it's hard to write one single how-to. Just in case:

- In the unusual setup dept. I wrote this post, it creates an L2 tunnel over L3 and was meant to show how to "bridge" ethernet with a wifi client interface on Pi 3.
(The server side could be converted to a Raspbian Stretch install.)

- My recipe for roadwarriors setups: passwordless certificate-based authentication, any login name, current TOTP code as password.
Client side, roadwarriors OpenVPN configs must include a line which reads "auth-user-pass".
Users are told to setup Authenticator or another TOTP mobile app, choose (and save) a login name in their software OpenVPN client on the PC, type (and not save) the current TOTP key displayed on their phone as password.
So access is password-protected, but users don't have to choose or remember a password, they only have to flash a QR code once. In case the tunnel breaks the current code has to be entered again, but in practice it's not too bad.

Server side setup:

Code: Select all

$ sudo apt-get install libpam-google-authenticator
$ /usr/bin/google-authenticator --time-based --disallow-reuse --label="OVPN Roadwarriors" --rate-limit=3 --rate-time=30 --window-size=15 --secret=/etc/openvpn/roadwarriors/rw.totp

$ grep -A5 plugin /etc/openvpn/roadwarriors.conf 
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so openvpn-roadwarriors
       # TOTP challenge for roadwarriors. See /etc/pam.d/openvpn-roadwarriors
       # Login to enter from clients: any will do
       # Password: current TOTP code
       # TOTP secret shared by all roadwarriors users.
       # Certs are unique.

$ cat /etc/pam.d/openvpn-roadwarriors
# TOTP code auth to OpenVPN
# Username: any will do
account	required	pam_permit.so
# Password: TOTP code only
# The TOTP secret is the same for all users. Certs are unique.
auth	required	pam_google_authenticator.so user=root secret=/etc/openvpn/roadwarriors/rw.totp
# Log success/failure in /var/log/auth.log
auth	required	pam_warn.so
With pam_permit "verifying" the account name, OpenVPN roadwarriors do not need to exist as valid unix users on the OpenVPN server machine.

HTH
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

jlonjin
Posts: 1
Joined: Fri Mar 09, 2018 7:18 pm

Re: VPN

Fri Mar 09, 2018 7:27 pm

My use case is using my business wifi and connecting inside my network for an IoT project test. Our VPN here is L2TP/IPSec PSK, wondering what OS is best and what VPN client I can install, all tests to this point have crashed. Beginner on Pi, official tinkerer.

nios2
Posts: 38
Joined: Mon Mar 12, 2018 3:22 am

Re: VPN

Mon Mar 12, 2018 3:43 am

The choice of VPN will depend on your reason for using a VPN. Are you using it for IP protection or to overcome geoblocking?

Alex White
Posts: 3
Joined: Tue Mar 13, 2018 8:40 am

Re: VPN

Mon Mar 19, 2018 10:15 am

I find to you some alternative choice of vpn, as you asked at previous post. It is HotSpot Shield. You can read about it on wiki https://en.wikipedia.org/wiki/Hotspot_Shield.
I've been looking for a good VPN for a long time. Chose from review on this web https://topvpnchoice.com
If you want always be in unsecured networks, it is the best one. So another vpn service you also find there. I think, it is it is convenient vpn, cause it can be used on different OS.

Muntic0re
Posts: 14
Joined: Thu Dec 08, 2016 4:33 pm

Re: VPN

Wed Apr 04, 2018 8:28 am

There are many good vpn services, here on Anta NET you can find many reviews. Currently I am using Nova vpn. It's not expensive and I often use it in my trips. In China for example with it help I successfully bypassed its firewall, and I can definitely tell you relying on my experience that it's the best vpn china iphone. So you just need to pick one that suits your needs.

Rodney_Rhodes
Posts: 3
Joined: Wed Jun 27, 2018 8:24 am

Re: VPN

Tue Jul 03, 2018 10:01 am

I am traveling to Australia and searching good VPN for my Raspberry Pi. Anyone suggest me about the best Raspberry Pi VPN that works well in Australia. Though I found the list of few good VPN services for Australia here: https://www.reviewsdir.com/best-australia-vpn/ But still, I want few suggestions.
Last edited by Rodney_Rhodes on Thu Dec 20, 2018 1:21 pm, edited 1 time in total.

User avatar
neilgl
Posts: 952
Joined: Sun Jan 26, 2014 8:36 pm
Location: Near Aston Martin factory

Re: VPN

Thu Jul 05, 2018 8:45 pm

The OpenVPN I have on my pi3 has been tested from USA, Portugal, Spain, Canada, India, New Zealand, Singapore etc. All ok. I had to increase the timeout for NZ.

vpnbest
Posts: 3
Joined: Tue Nov 07, 2017 12:19 pm

Re: VPN

Fri Aug 03, 2018 12:34 pm

Does anyone here have used PureVPN? How will it work on raspberry pi ? I was reading PureVPN Review and asked their customer support too and they answered me yes you can but will it affect my speeds ?

freddieodom
Posts: 2
Joined: Mon Sep 24, 2018 6:56 am

Re: VPN

Thu Nov 08, 2018 1:03 pm

I found an article on Good in this regard. Hope this might be helpful for you.

Here is the link:

https://medium.freecodecamp.org/running ... 496e46c960

sandyroberts
Posts: 1
Joined: Sat Jun 25, 2016 10:42 am

Re: VPN

Thu Jan 10, 2019 6:59 pm

Those who have had the chance of using multiple VPNs and gone through their features and services; they must have seen OpenVPN on the list. It’s a VPN protocol that’s introduced 15 years back; it is currently the only protocol of its kind that is accessible via an open source application. Since it’s widely popular; it has been integrated to work on a few of the most famous user platforms like macOS, WindowsXP, iOS, Android, and Linux. For further details about OpenVPN kindly read OpenVPN Explained

User avatar
mahjongg
Forum Moderator
Forum Moderator
Posts: 12219
Joined: Sun Mar 11, 2012 12:19 am
Location: South Holland, The Netherlands

Re: VPN

Mon Jan 21, 2019 1:38 pm

Locking as this thread is turning into a VPN advertisement site for commercial VPN services.

Return to “Beginners”