How to setup a Raspberry Pi OpenVPN gateway
ฝัง
- เผยแพร่เมื่อ 4 ก.ค. 2024
- Today I'm showing you how to set up a Raspberry Pi as an OpenVPN sharing gateway.
Chapters:
00:00 - Intro
00:19 - Parts needed
01:13 - Flashing Raspberry Pi OS to the SD card
03:17 - Booting the Raspberry Pi with Raspberry Pi OS
03:59 - Finding out the Raspberry Pi's IP address with Advanced IP Scanner
05:20 - Connecting to the Raspberry Pi via SSH
06:38 - Updating the Raspberry Pi
07:38 - Setting a static IP address on the Raspberry Pi
10:50 - Installing and configuring OpenVPN on the Raspberry Pi
13:55 - Testing the OpenVPN connection on the Raspberry Pi
14:39 - Setting the OpenVPN connection to start on boot
15:54 - Setting IP Forwarding on the Raspberry Pi
16:37 - Installing and configuring iptables on the Raspberry Pi
19:18 - Setup a test machine for testing the gateway
21:28 - What is DNS leak and how to prevent it?
23:05 - Installing Bind9, a DNS server, on the Raspberry Pi
23:35 - Edit Bind9 config file
26:40 - Sharing the VPN gateway with all network clients
27:24 - Speed tests and conclusion
Links for the hardware used in this video or similar:
Raspberry Pi Kit: amzn.to/3tSZNm8
Sandisk SD cards: amzn.to/3hYzGET
USB Network Adapters: amzn.to/36hg2l6
The channel might get a small commission if you buy using the links above.
Please note that this DOESN'T AFFECT the item's final price and what you pay is the price you see on screen.
Thank you for supporting the channel
References used for this video:
DNS Leak: en.wikipedia.org/wiki/DNS_leak
DNS Leak Test: dnsleaktest.com/
NAT and iptables: www.howtoforge.com/nat_iptables
support.hpe.com/hpesc/public/...
iptables: linux.die.net/man/8/iptables
IP forwarding: openvpn.net/faq/what-is-and-h...
forums.raspberrypi.com/viewto...
thepi.io/how-to-use-your-rasp...
thepi.io/how-to-use-your-rasp...
Thank you for watching! - วิทยาศาสตร์และเทคโนโลยี
A really excellent piece of work - if closely followed it works perfectly. One thing to be aware of is that many installations now use NetworkManager by default so setting a fixed IP is a bit different. A quick Google will give the info.
(Thanks for video - I hadn't set one of these up for years...your iptables reminder was a godsend.)
Excellent video. This filled in a few knowledge gaps I had about how things work. Thank you.
This video should be public domain. It's perfect. Many thanks.
Thanks for the video! It was super helpful in getting my setup running. I also really enjoy your narration - there's something a bit comforting about your tone :) Cheers!
Oh, Thank you! :))
Perfecto - The absolute best guide I have ever followed. Step by step and everything worked .. for a change. Thank you so much for your time.
Very useful video. I managed to use systemd instead of the rc.local to setup the openvpn as a service. enable, disable, start, stop , status are working fine with the systemctl command.
Great tutorial! Thank you!
Nice tutorial. It works sufficiently fast for my needs on Raspberry Pi 2. One problem that I have is that when the tunnel is up, I have a problem resolving names when working locally on the Pi. (Temporary failure in name resolution). Is the name lookup somehow going through the tunnel and not resolved? Any ideas?
This was brilliant help, thanks a lot
You're welcome!
thx everything worked fine, is it possible that the pi reconnect to the vpn when the connection is lost whitout restart the complet pi?
Works well is there a way to add a kill switch if the OpenVPN service isnt running as I found that if the OpenVPN service stops its routes all traffic thru the default GW unencrypted
i have starlink which has CGNAT so no portforwarding. I have a really obscure question. I have a raspberry pi with dreampi software installed on it so I can play sega dreamcast games online. Some of the games require port forwarding and/or enabling dmz on the dreamcast ip. Could I use a secondary raspberry pi and set up or install a vpn on it and then connect the dreampi to it? to achieve port forwarding?
your instruction for enabling the VPN worked, thank u! i couldn't get it to work in pi OS GUI interface , but this worked. however qBittorrent refuses to download when this VPN is enabled. will doing that stuff with the IP tables fix it? or what can i do?
Can we bypass configuring the ip settings on the client machine by using an ethernet connection to the raspberry pi instead of wifi?
How can I exclude everything for samba ports? Now when connected via the pi gateway and try to access the samba it try to access via tun0.
Great tutorial. Only issue is speed. Is it possible to do this using wireguard?
Hi Matt, no idea ... If you find that out, let us know please!
The setup seems to go well but I can't find the Wi-Fi, it apparently is not broadcast and it is not what I set it as when I wrote to the SD card. Any help is appreciated
where do you get the username and password from? do you set it up earlier?
Can i have it running on my PiHole raspberry? dont want to mess up with pihole setup
I would like a second video showing how to use this to provide access to to a host running services inside the LAN, across that VPN connection.
I've got one issue, my pi is connected but on my devices it's still showing my public ip and not the vpn connect public ip when I check using whatismyip sites
if you are using nord then the username and password is not your normal one, you need to find out the username and password to use from the dashboard in the "setup manually" section
Using google's dns server wont be an issue ? Like a loss of privacy
How to use windows RDP over the internet...using Raspberry Pi with OpenVPN
Keep getting 404 error on getting the openvpn
i don t understand if you are trying to configure a client or a vpn server, seems to be a client ? ^ i am not good at it.
I was searching to how setup a vpnserver on a rapsberry from a country, let's say country A and connect a client from country B so i can get access to service from country B without ip location restriction (from country A), anyway thanks for the video
The pi in this example is a client.
I wonder where do we get the username and password? I cannot find where did you get it
Hi Javid, you have to get that from your VPN provider.
I followed this and was able to setup protonvpn on my raspberry pi , but there is 99% packet loss for devices connected on it and am getting speed of only 20Mbps when it should be 60Mbps
Hi Pranav, OpenVPN tends to be slow...
those are very bad speed not worth it. use wireguard instead of OpenVPN
Thanks for your input. I'll give it a shot!
@@ExperiencingIT did you try wireguard and see any difference
You'll notice the speed was almost exactly cut in half. That is because all the traffic is both going TO and coming FROM the pi. Wireguard is highly regarded, but it can't fix that bandwidth limitation.
nope. im using it right now. the only difference is just 1mb. full speed/busy server. @@greenftechn
5 words into the video and i bet you're portuguese. nice accent tho
Stuck on 13:55 - Testing the OpenVPN connection on the Raspberry Pi, this does not work, it looks like the openvpn is inactive and I don't know how to activated it, any help would be great, thanks.
I get the below:
systemctl status openvpn@raspberrypi | grep active Active: inactive (dead)