A virtual private network or VPN allows you to avoid government censorship and protect you from malicious practices on the internet. It’s the perfect tool for you when you want to change your location or access a different library of Netflix to stream your favorite show.
Although if you’re not interested in signing up for a VPN service, then you can use a Raspberry Pi to create your own VPN.
In this guide, we’ll tell you how to install a VPN on Raspberry Pi in a series of seven parts so you can easily route your traffic through an encrypted VPN tunnel.
There is more than one advantage of choosing Raspberry Pi as your always-on computer for a VPN. The first advantage is that it’s small so you can place it anywhere, the second advantage is that it consumes very low power, and last but not least, it’s cheap so you’ll be saving some dollahs!
But hey, it’ll be hundred percent free. Because the only fee to pay is for the hardware you’ll require to set up your VPN, which is only a one-time cost.
Nonetheless, setting up a VPN on a Raspberry Pi is not easy peasy lemon squeezy but it’s not rocket science either. All you need is basic literacy for computers with some problem-solving skills and you’re gold.
How to Install a VPN On Raspberry Pi?
You can install a VPN on any computer that is on 24/7. And a good alternative to a computer is Raspberry Pi which basically is a tiny computer. And the more important part is that it is cheap, around $60 with all the needed accessories.
To install a VPN on your Raspberry Pi board, you can use OpenVPN or WireGuard. In this guide, we’ll be installing the WireGuard VPN from a GitHub repository that is tested and it works like a charm.
So let’s not waste more time and hop on to the part that describes the necessary hardware you’ll be needing to install a VPN on your Raspberry Pi.
Hardware that you’ll need:
Part One: Download Raspberry Pi OS & Etcher
- The very first thing to do is download the operating system for our Raspberry Pi board.
- Visit this link and download the “Raspberry Pi OS with desktop“.
- Then download Etcher from here. This will write the operating system to the 8 GB microSD card you’ll connect in the next step. (You can also use Rufus if you prefer)
- After downloading the two software, put your MicroSD card in the card reader and connect it to your computer.
- Launch Etcher and select the OS image of Raspberry Pi.
- Select the inserted microSD card. Press “Flash“.
- When the flashing process is completed, a unique volume will appear with the name “Boot“.
- Access this new volume, press right-click and add a text document naming it “ssh“. It is advised to not add any extension (.txt or any other) while creating this new file.
Part Two: Connecting the Hardware
- Remove your microSD card from the card reader connected to the PC port. Now insert it into your Raspberry Pi board.
- Connect one end of the Ethernet Cable to your router and the other end to the Raspberry Pi.
- Now connect the USB Type C power adapter to the Raspberry Pi.
- Plug your monitor, keyboard, and mouse into the Raspberry Pi board.
- Boot your Raspberry Pi board and you’ll see a setup wizard on your screen.
- Follow the system-specific instructions and complete the setup.
Part Three: Creating a Free Subdomain on FreeDNS
- Visit FreeDNS and sign up for free.
- Fill in the signup form by providing your name, user ID, password, and email.
- FreeDNS will send a verification email to your account. Verify your email.
- Now come back to FreeDNS and click on “Add a subdomain“.
- Let the Type remain as A.
- Click on the drop-down menu in the text field of Domain and choose a domain of your preference.
- In the Subdomain, enter any name of your choice.
- Type “0.0.0.0” in the Destination field.
- Complete the rest of the requirements and press Save.
Part Four: Setting up Dynamic DNS on Powershell
- On your Raspberry Pi Windows Powershell, type “ssh pi@[enter IP address here]” and press Enter.
- The Powershell will ask for a password, enter the previously configured password, and press Enter again.
- Now type “sudo apt install ddclient” to install the ddclient software.
- Keep on pressing enter for the next popup windows until they’re gone.
- Now type “sudo nano /etc/ddclient.conf” so that ddclient knows which address needs to be updated.
- Remove the piece of text which is already there and replace it with:
syslog=no # log update msgs to syslog
#mail=root # mail all msgs to root
#mail-failure=root # mail failed update msgs to root
pid=/var/run/ddclient.pid # record PID in file.
ssl=yes # use ssl-support. Works with
login=YOUR FREEDNS LOGIN
password=YOUR FREEDNS PASSWORD
- Make sure you replace the dummy text in “login” and “password” with your credentials. And replace the “your.freedns.domain” with “[your subdomain name].[your domain name]“
- Now press Ctrl+O for file saving and Ctrl+X to close the window.
- Open Powershell again and type “sudo nano /etc/default/ddclient” so we can edit this file.
- Change the run_daemon file to “true” and everything else to “false“.
- Press Ctrl+O and Ctrl+X again.
- Now type “sudo systemctl restart ddclient” to restart the ddclient service.
- Type “sudo systemctl status ddclient” to check the status.
- Press Enter.
- Don’t worry if the result says “FAILED“. Just go to your browser and reload the subdomain page.
- If 0.0.0.0 has changed to the actual IP, then it worked.
- Come back to the Powershell and type “sudo systemctl enable ddclient“. This will make sure that your ddclient software is always enabled whenever Raspberry Pi is powered on.
Part Five: Port Forwarding
- We have to set up port forwarding in order to make the VPN accessible to devices outside of your home network.
- Go to your router’s configuration page and find the section for Port Forwarding.
- Find and then click on “Add Device for Sharing“. (Remember that the settings of your admin panel will depend on your router’s firmware, we are using Fritz Box).
- Pick Raspberry Pi in the device section.
- Create a new entry for Port Forwarding.
- Select “other application” in Application.
- Enter a name, select a protocol (if you’re not sure, select UDP).
- Enter the port “51820” in the relevant section. If your router requires two ports, enter the same port in both sections.
- Check the box for “internet access via IPv4 and IPv6” and press OK.
Part Six: To Install WireGuard VPN
- We’ll need to install the WireGuard VPN from a GitHub repository.
- Visit this page and copy the command. Paste it in the terminal.
- The command requires root or superuser privileges so you need to type the command “sudo bash wireguard-install.sh“.
- It will require the hostname from you, type the dynamic DNS from earlier and press Enter.
- Enter a client name of your choice.
- Now select a DNS server for the client. If you’re not certain which one to choose then select 184.108.40.206.
- The installation will start.
Part Seven (A): How to Connect Your VPN from a Mobile
- You’ll see a QR Code on your screen when the WireGuard VPN is installed.
- Download the WireGuard application on your smartphone from your store (Google Play or App Store).
- Launch the app and tap on the “+” sign and then tap on “Create from QR code“.
- Scan the QR Code on your screen.
- Name it and tap Save.
Part Seven (B): How to Connect Your VPN from a Computer
- Access your Raspberry Pi board from the terminal. Type “ssh pi@[enter IP address here]” and enter the password.
- Type “sudo su” and press Enter.
- Type “cp /root/*.conf /home/pi“.
- Now create a new folder that can carry all the configuration files of WireGuard.
- Open that folder. Hold shift and right-click inside the folder anywhere and select “Open Powershell window here“.
- The Powershell window will pop on your screen. Type “sftp pi[type IP address here]” and press Enter.
- Type in your password.
- Now to copy all the configuration files, type “get *.conf” and press Enter.
- Close the Powershell.
- Visit this page to download WireGuard. Select the correct file according to your operating system.
- Install the WireGuard software and launch it.
- Click on “Import tunnel from file“.
- Select the WireGuard folder and import your previously created file.
- Click on Activate to connect to the VPN.
What Is A VPN?
A VPN can hide your online identity and keep you safe from modern-day internet threats like malware, ransomware, phishing, or hacking.
To tell you how a VPN works, it simply creates a secure tunnel between a user and a VPN server. Every operation of the user is encrypted and passed through the VPN tunnel which eliminates the intervention of third parties like hackers, ISPs, or government agencies.
It was widely used by businesses to make sure their remote employees can have easy access to the resources of the company but nowadays its use-case is more towards escaping data thefts, accessing geo-restricted websites, and streaming different libraries of streaming platforms like Netflix, Amazon Prime Video, or HBO Max.
Why Use Raspberry Pi for a VPN?
Setting up a VPN on a Raspberry Pi raises a question. Why use Raspberry Pi to set up a VPN while you can just get a third-party VPN service? While that’s okay too, this way of setting up a VPN can provide you with several advantages.
Frequently Asked Questions – FAQs
Is it okay to create your own VPN?
Is using a third-party VPN service safe?
What are the benefits of creating a VPN on Raspberry Pi?
Should I create my own VPN or use a third-party VPN service instead?