Using Raspberry Pi as a VPN server

A VPN connection is crucial if you want to surf the internet securely on public Wi-Fi networks or if you want to circumvent country restrictions of, for example, Broadcast Missed when you are abroad. A Raspberry Pi can help you. We turn the mini computer into a VPN router and VPN server.

You can also have this connected to another VPN router, so that you can connect your other devices at home to the Raspberry Pi to watch foreign streams, for example.

01 VPN Router

If you want to use a VPN, you have to configure it on each device (see also the basic VPN course). If you want to circumvent country restrictions on multiple devices in the house, that is cumbersome. That's why we propose a different approach: we turn a Raspberry Pi into a wireless access point. Then we set up a VPN connection on the Pi, so that any device surfing through the access point is automatically on the VPN. You need a USB WiFi adapter that is compatible with the Raspberry Pi.

02 Access point

First, we'll create a wireless access point from our Pi. For this we refer to the previous workshop about the Raspberry Pi as a Tor router. Follow the explanation in the first 12 steps of that workshop. Once you've done all those steps correctly, try connecting to a wireless device on your Pi's SSID. If you have any problems, check here to see if your Wi-Fi adapter is supported on the Pi and if you may need to download other drivers or perform special configuration steps.

03 Tor remove

If you didn't turn your Raspberry Pi into a Tor router in the previous workshop, skip to step 5. Otherwise, we need to undo a few more steps from then. First, we'll set up connections to the Wi-Fi network to go directly through the Ethernet interface instead of through the Tor software. We remove the old NAT rules with sudo iptables -F and sudo iptables -t nat -F. And we remove the Tor software with sudo apt-get remove tor.

04 Tor remove (2)

Then we enter the new NAT rules with the following commands: sudo iptables -t nat -A POSTOUTING -o eth0 -j MASQUERADE, sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT and sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT. Save the configuration with sudo sh -c "iptables-save > /etc/iptables.ipv4.nat". In the previous workshop we already made sure that that configuration is read in when you boot your Pi. Now we've undone all Tor-specific aspects from the previous workshop.

Recent Posts

$config[zx-auto] not found$config[zx-overlay] not found