A virtual private network or VPN allows you to avoid government censorship and protect you from malicious practices on the internet. It’s the perfect tool for you when you want to change your location or access a different library of Netflix to stream your favorite show.
And you can do all of this just by getting a VPN subscription to a reliable VPN service like ExpressVPN or NordVPN but you’ll have to pay for your subscription plan.
Although if you’re not interested in signing up for a VPN service, then you can use a Raspberry Pi to create your own VPN.
In this guide, we’ll tell you how to install a VPN on Raspberry Pi in a series of seven parts so you can easily route your traffic through an encrypted VPN tunnel.
There is more than one advantage of choosing Raspberry Pi as your always-on computer for a VPN. The first advantage is that it’s small so you can place it anywhere, the second advantage is that it consumes very low power, and last but not least, it’s cheap so you’ll be saving some dollahs!
However, you will not be enjoying additional features which third-party VPN services offer, like a Kill-Switch, double VPN, or a split-tunneling tool.
But hey, it’ll be hundred percent free. Because the only fee to pay is for the hardware you’ll require to set up your VPN, which is only a one-time cost.
Nonetheless, setting up a VPN on a Raspberry Pi is not easy peasy lemon squeezy but it’s not rocket science either. All you need is basic literacy for computers with some problem-solving skills and you’re gold.
Short on time? Here’s a Short Summary of How to Install a VPN On Raspberry Pi.
To install a VPN on your Raspberry Pi board, you need a handful of the required hardware. Then by downloading the Raspberry Pi OS on your board and with the help of the necessary commands from GitHub, we’ll be able to set up a VPN on our Raspberry Pi board.
How to Install a VPN On Raspberry Pi?
You can install a VPN on any computer that is on 24/7. And a good alternative to a computer is Raspberry Pi which basically is a tiny computer. And the more important part is that it is cheap, around $60 with all the needed accessories.
To install a VPN on your Raspberry Pi board, you can use OpenVPN or WireGuard. In this guide, we’ll be installing the WireGuard VPN from a GitHub repository that is tested and it works like a charm.
So let’s not waste more time and hop on to the part that describes the necessary hardware you’ll be needing to install a VPN on your Raspberry Pi.
Hardware that you’ll need:
- A router that should support port forwarding. If you don’t know if you’re router has port forwarding functionality then go to your router’s configuration page by typing 192.168.0.1 or 192.168.1.1 in your browser and search for the Port Forwarding function.
- A computer that’s always on. In this example, we are using a Raspberry Pi board which is a tiny computer.
- A power adapter.
- A microSD card reader (if your computer doesn’t have one).
- A microSD card (at least 8 GB).
- A micro HDMI to HDMI adapter. This is for connecting a monitor, keyboard, and mouse to the Raspberry Pi to make the setup easier.
- An ethernet cable.
Part One: Download Raspberry Pi OS & Etcher
- The very first thing to do is download the operating system for our Raspberry Pi board.
- Visit this link and download the “Raspberry Pi OS with desktop“.
- Then download Etcher from here. This will write the operating system to the 8 GB microSD card you’ll connect in the next step. (You can also use Rufus if you prefer)
- After downloading the two software, put your MicroSD card in the card reader and connect it to your computer.
- Launch Etcher and select the OS image of Raspberry Pi.
- Select the inserted microSD card. Press “Flash“.
- When the flashing process is completed, a unique volume will appear with the name “Boot“.
- Access this new volume, press right-click and add a text document naming it “ssh“. It is advised to not add any extension (.txt or any other) while creating this new file.
Part Two: Connecting the Hardware
- Remove your microSD card from the card reader connected to the PC port. Now insert it into your Raspberry Pi board.
- Connect one end of the Ethernet Cable to your router and the other end to the Raspberry Pi.
- Now connect the USB Type C power adapter to the Raspberry Pi.
- Plug your monitor, keyboard, and mouse into the Raspberry Pi board.
- Boot your Raspberry Pi board and you’ll see a setup wizard on your screen.
- Follow the system-specific instructions and complete the setup.
Part Three: Creating a Free Subdomain on FreeDNS
- Visit FreeDNS and sign up for free.
- Fill in the signup form by providing your name, user ID, password, and email.
- FreeDNS will send a verification email to your account. Verify your email.
- Now come back to FreeDNS and click on “Add a subdomain“.
- Let the Type remain as A.
- Click on the drop-down menu in the text field of Domain and choose a domain of your preference.
- In the Subdomain, enter any name of your choice.
- Type “0.0.0.0” in the Destination field.
- Complete the rest of the requirements and press Save.
Part Four: Setting up Dynamic DNS on Powershell
- On your Raspberry Pi Windows Powershell, type “ssh pi@[enter IP address here]” and press Enter.
- The Powershell will ask for a password, enter the previously configured password, and press Enter again.
- Now type “sudo apt install ddclient” to install the ddclient software.
- Keep on pressing enter for the next popup windows until they’re gone.
- Now type “sudo nano /etc/ddclient.conf” so that ddclient knows which address needs to be updated.
- Remove the piece of text which is already there and replace it with:
syslog=no # log update msgs to syslog
#mail=root # mail all msgs to root
#mail-failure=root # mail failed update msgs to root
pid=/var/run/ddclient.pid # record PID in file.
ssl=yes # use ssl-support. Works with
login=YOUR FREEDNS LOGIN
password=YOUR FREEDNS PASSWORD
- Make sure you replace the dummy text in “login” and “password” with your credentials. And replace the “your.freedns.domain” with “[your subdomain name].[your domain name]“
- Now press Ctrl+O for file saving and Ctrl+X to close the window.
- Open Powershell again and type “sudo nano /etc/default/ddclient” so we can edit this file.
- Change the run_daemon file to “true” and everything else to “false“.
- Press Ctrl+O and Ctrl+X again.
- Now type “sudo systemctl restart ddclient” to restart the ddclient service.
- Type “sudo systemctl status ddclient” to check the status.
- Press Enter.
- Don’t worry if the result says “FAILED“. Just go to your browser and reload the subdomain page.
- If 0.0.0.0 has changed to the actual IP, then it worked.
- Come back to the Powershell and type “sudo systemctl enable ddclient“. This will make sure that your ddclient software is always enabled whenever Raspberry Pi is powered on.
Part Five: Port Forwarding
- We have to set up port forwarding in order to make the VPN accessible to devices outside of your home network.
- Go to your router’s configuration page and find the section for Port Forwarding.
- Find and then click on “Add Device for Sharing“. (Remember that the settings of your admin panel will depend on your router’s firmware, we are using Fritz Box).
- Pick Raspberry Pi in the device section.
- Create a new entry for Port Forwarding.
- Select “other application” in Application.
- Enter a name, select a protocol (if you’re not sure, select UDP).
- Enter the port “51820” in the relevant section. If your router requires two ports, enter the same port in both sections.
- Check the box for “internet access via IPv4 and IPv6” and press OK.
Part Six: To Install WireGuard VPN
- We’ll need to install the WireGuard VPN from a GitHub repository.
- Visit this page and copy the command. Paste it in the terminal.
- The command requires root or superuser privileges so you need to type the command “sudo bash wireguard-install.sh“.
- It will require the hostname from you, type the dynamic DNS from earlier and press Enter.
- Enter a client name of your choice.
- Now select a DNS server for the client. If you’re not certain which one to choose then select 126.96.36.199.
- The installation will start.
Part Seven (A): How to Connect Your VPN from a Mobile
- You’ll see a QR Code on your screen when the WireGuard VPN is installed.
- Download the WireGuard application on your smartphone from your store (Google Play or App Store).
- Launch the app and tap on the “+” sign and then tap on “Create from QR code“.
- Scan the QR Code on your screen.
- Name it and tap Save.
Part Seven (B): How to Connect Your VPN from a Computer
- Access your Raspberry Pi board from the terminal. Type “ssh pi@[enter IP address here]” and enter the password.
- Type “sudo su” and press Enter.
- Type “cp /root/*.conf /home/pi“.
- Now create a new folder that can carry all the configuration files of WireGuard.
- Open that folder. Hold shift and right-click inside the folder anywhere and select “Open Powershell window here“.
- The Powershell window will pop on your screen. Type “sftp pi[type IP address here]” and press Enter.
- Type in your password.
- Now to copy all the configuration files, type “get *.conf” and press Enter.
- Close the Powershell.
- Visit this page to download WireGuard. Select the correct file according to your operating system.
- Install the WireGuard software and launch it.
- Click on “Import tunnel from file“.
- Select the WireGuard folder and import your previously created file.
- Click on Activate to connect to the VPN.
What Is A VPN?
A VPN can hide your online identity and keep you safe from modern-day internet threats like malware, ransomware, phishing, or hacking.
To tell you how a VPN works, it simply creates a secure tunnel between a user and a VPN server. Every operation of the user is encrypted and passed through the VPN tunnel which eliminates the intervention of third parties like hackers, ISPs, or government agencies.
It was widely used by businesses to make sure their remote employees can have easy access to the resources of the company but nowadays its use-case is more towards escaping data thefts, accessing geo-restricted websites, and streaming different libraries of streaming platforms like Netflix, Amazon Prime Video, or HBO Max.
Why Use Raspberry Pi for a VPN?
Setting up a VPN on a Raspberry Pi raises a question. Why use Raspberry Pi to set up a VPN while you can just get a third-party VPN service? While that’s okay too, this way of setting up a VPN can provide you with several advantages.
No Monthly Cost. If you opt for a third-party VPN service, you’ll need to pay for the subscription plan every month. While you can save some bucks if you go for the longer-term plans of VPN services, you still have to pay even if you sign up for a two-year plan. But if you set up a VPN on your Raspberry Pi, you’ll have no monthly cost. The OpenVPN and WireGuard are open-source and free of cost.
Raspberry Pi Is Cheap. You can set up a VPN on any computer as long as it’s working 24/7. But it’s not possible to run a computer all day long. Firstly, it’s an expensive device and secondly, it’ll contribute its part to your monthly electricity bill if it’s running 24/7. And this is where Raspberry Pi comes into action. Raspberry Pi is cheap even if you get it with all its accessories and it consumes less power.
No Third Parties Involved. Using a third-party VPN service will hide you from your internet service provider but your data will still be visible to your VPN service provider as the key bearer other than you to decrypt your internet traffic is the VPN service provider. However, reliable VPN services have strict policies for logging customer data but if you still want no third-party involvement then creating your own VPN on a Raspberry Pi is one of the best options.
Accessing Local Services. You will be able to access the local services securely. And no matter where you are, you can easily access your home network from anywhere, anytime.
Frequently Asked Questions – FAQs
Is it okay to create your own VPN?
Is using a third-party VPN service safe?
What are the benefits of creating a VPN on Raspberry Pi?
Should I create my own VPN or use a third-party VPN service instead?
It’s a lengthy process but we hope by now you know how to install a VPN on Raspberry Pi with the necessary hardware required.
If you just want to use a VPN without knowing the insights on what goes behind then get a VPN subscription to a third-party VPN service. All you need is to download the VPN app, log in to your VPN account, and connect to a server location.
However, if you want a free option and more control over where your data goes behind the scene, then setting up a VPN using a Raspberry Pi board is the way to go. But remember that you’ll need to carry out the process with some technical skills in your pocket.