Rapsberry Pi OpenVPN Server

From munkjensen.net/wiki
Jump to: navigation, search

Automated OpenVPN installation

PiVPN is AWESOME - and my recommended path for installing and administering an OpenVPN server.

My plan is to run the install script curl -L https://install.pivpn.io | bash on macminibian that runs Debian  :-)

Basic (manual) OpenVPN installation

Go here and do as described in the README. It is super simple... if you follow the instructions precisely (RTFM)

I can connect all my OpenVPN capable devices to this server, and it is super simple to create certificates for alle the devices you will allow access !

Add new (Windows) client like this:

  • Create OPVN file using the MakeOPVN.sh script on OVPN server.
  • Transfer the OVNP file *securely from the OVPN server to the new client.
  • Install OpenVNP on the new Windows client using the Installers located here https://openvpn.net/index.php/download/community-downloads.html
  • Move the OVPN file into the 'config' folder in the freshly installed OpenVPN folder (C:\Program Files\OpenVPN\config)
  • Start the OpenVPN gui if not running already.
  • Right-click icon taskbar and select the option to Connect
  • Enjoy :-)

"securely" = 'WinSCP' @ Windows / 'FTPManager Free' @ IOS / SFTP @ OSX


Make VPN clients use the PiHole as Primary DNS server

I have installed this on the RPi that is running my PiHole. This gives me (and you if you do the same) the option to use the Ablocking DNS server ANYWHERE !!

Do as follows:

  1. Open the file /etc/openvpn/server.conf in your favorite editor using the sudo command. Example: sudo vi /etc/openvpn/server.conf
  2. Above the line containing the text push "dhcp-option DNS 8.8.8.8" insert a new line. (The IP 8.8.8.8 may differ in your setup)
  3. Copy the line push "dhcp-option DNS 8.8.8.8" into the new line.
  4. Change the ip address in the new line so it contains the IP address of your Raspberry Pi LAN interface.
  5. Reboot your Raspberry Pi
  6. Connect and enjoy AdFree DNS functionalities ANYWHERE !!

See my Pi-Hole for more information.

The official Pi-hole OpenVPN server guide from the Pi-Hole project is another option to try if you like :-)

Auto Connect for Windows 10.

Note: This is only tested using certificate that does not require a pass phrase!

  1. Open the Windows Services GUI
    1. Select Start --> Run
    2. Type services.msc
    3. Press Enter
  2. Find the OpenVPN Service
  3. Right-click and select Properties
  4. Then set Startup type to Automatic - delayed. (delayed is choosen to let the networkinterface get connected first)
  5. Configure Startup parameters to show wich .ovpn configuration is to be used when connecting.
    1. Example: --connect "profile.ovpn"

You will not see the tray icon, but if you examine the output of ipconfig -all yuo should see that the TAP-Windows Adapter is connected and configured.