Virtual Private Networks are great if you want to remote into your home computers/network securely… or want to drop your Pi behind enemy lines and have it securely call home. This post will outline how to make a VPN with particular notes for having a Raspberry Pi client. First choose an always on computer at home to be your server. It can be running Windows or Linux. Then choose the software you want to use. I looked at:
- Neo Router – slick propretary
- OpenVPN – Powerful, not as friendly
- Hamachi – LogMeIn’s product seems nice
Set up your VPN server with a domain, listening port, users, & passwords. If you’re like most people your server will be sitting behind a Network Address Translator (NAT) in the form of a wireless router. Point your browser at your router and edit the port forwarding rules so that when the NAT recieves a connection on a certain port, it will direct that connection to your VPN server.
If your are like most people your Internet Service Provider reserves the right to change your assigned IP address, however you still want to be able to connect back home, so we’ll have a computer (probably the VPN server) always run a program to constantly report your current IP address to a DNS register. So the next step is to setup a free Dynamic DNS account online with an organization like:
Download and install your Server (probably your computer at home) to report it’s ip address periodically.
- noip.com has a executable you can download: https://www.noip.com/downloads.php
- afraid.org hosts a page listing http://freedns.afraid.org/scripts/freedns.clients.php
Now that the server is all setup, it’s time to move on to your clients. Depending on the purposes of your VPN I might suggest auto starting the VPN client which uses the DNS name you assigned earlier to call home. VPN relies on the correct time for encryption purposes so you might need to add a freely available time server made for this purpose (The Raspberry Pi has no internal battery so it can’t keep time between reboots). Like many other networks UTA has a time server that you need to add (time.uta.edu) to the Network Time Protocal configuration file /etc/ntp.conf