vpn“>
Instructions and example files can be found here:
Putty Download:
But before we get into that… What am I drinking???
Home recipe without a name… suggestions are welcome. It’s 2oz Pineapple Juice, 2oz White Rum, 1/2oz Simple Syrup, and a barspoon of Lime Juice. Shake until the Pineapple froths. It’s a very creamy and smooth tropical drink, fantastic for a hot day.
This tutorial will teach you how to create a VPN gateway on your home network. Requirements are a Linux-based system to run on, along with a VPN service that is compatible with OpenVPN. I personally use NordVPN (not sponsored) but any compatible service will work.
To connect your device to the VPN gateway, you must configure a static IP address on the client. Instructions for how to do this vary by device. The gateway IP address just needs to point at your VPN Gateway Server.
This service will only allow VPN traffic to leave your network. If the VPN connection drops, so will your client device. Simply restart the VPN connection (or reboot the VPN Server) to reconnect. It’s also possible to set up a CRON job to auto-restart the VPN connection if it fails.
Find the parts I recommend on my Amazon store:
Follow me on Twitter @CraftComputing
Support me on Patreon and get access to my exclusive Discord server. Chat with myself and the other hosts on Talking Heads all week long.
Ubuntu Forum where I copied most of the IPTables configuration from:
Music from
“Shades of Spring” by Kevin MacLeod (
Licence: CC BY (
لینک دانلود
Can you show how to do that with a raspberry pi for people who don't have an extra pc?
I'm stuck at the beginning, after a apt-install upgrade, my network is disabled
When I'm thinking privacy I had an idea, Think of A PFSENSE BOX and you can plob several boxes connected to several HIGH SPEED ISPs. Now each box has it's own public IP that has a spoofed MAC ADDRESS TO OBTAIN A RANDOM PUBLIC IP. Now if you can install the program MACCHANGER to the WAN PORT ADAPTER to randomize it's MAC ADDRESS and obtain a new public IP, but this only happens when a user of these randomized PFSENSE BOXES that point to ech other via OSPF to your address, email, or other desti ation domain your trying to connect to. Now to further complicate the anominity all boxes are set up by OpenVPN ,and has each boxs UPDATED ROUTING TABLE THAT RESETS AT EACH ESTABLISHED CONNECTION PACKET BY PACKET. This can create a bunch of overhead but if there is a way to randomize the route by OSPF then by In ORDER down the line then back by a randomization through an algorithm? Also I probably would have a constant DD script that can write garbage to it's log files?!?! Coulld something like that be accomplished?
sudo apt get update && sudo apt get upgrade will do an upgrade right after an update. this saves time
Hey! Great Video. VPN works like a charm. I cant get the last command to work. when i start the rc-local – i get "job for rclocal.service failed because control process exited with error code" I checked the script – it is copy and paste from yours?
in log i see: rc-local.service: Failed to execute command: Permission denied
.
Will this slow down the internet speed at home? How about VPN client setup for you away from home and connect to home using VPN setup?
does this setup support remote connection to your home vpn?
Great guide, with this i finally got the VPN gateway to work, but i have some questions.
After server reboot, when the server starts my computers can access internet for a few pings, exposing my ISP IP until the VPN starts, is there anything we can do about that?
What if my VPN gateway is on subnet 192.168.50.0/24 but my router is on 192.168.1.0/24, do i need to create a route or iptable for that? and how do i do it?
I had problems to create a static route from 192.168.50.0/24 to this device while on 192.168.1.0/24 in my USG 3p, so need to find another solution
Great tutorial. Very succinct and to the point. I also really liked your tutorial on ad blocking the whole house. I just need to set up Nextcloud and these two and I'll be set. 🙂
I'm having slight issues here, when enabling and running the rc-local.service, it constantly is trying to save the iptables,(constant save done being printed to the terminal) the vpn works, but snail pace(5 down 1 up on a 40/10 connection) any ideas?
It is truly brave apply netplans without testing and lost the ssh connect with typos. 😀 Thanks for a good video. Is there any reason to not to use permanent chances on iptables?
I'm doing this on Debian rather than Ubuntu due to i386 cpu. All great until I get to "sudo bash iptables.sh" when I'm left with just a flashing cursor. Any ideas please?
16:04 "this is still pinging over here in my pihole" …. epic
I have setup a gateway but is there a way to route all traffic to it or do i have to add the gateway on each device?
Hi Jeff! Great video tutorial. I've been running an openvpn server when needed on my main system up until now but I've been wanting to migrate it to my FreeNAS server for a while now.
I see you have an InWin 301 case on your desk and I am curious to know how you setup the fans (seeing as I have one myself). Do you have 2 bottom intake fans, 2 front exhaust fans and one rear exhaust? I've noticed despite my best cable management attempts that the exhaust area on the right of the case behind the honeycomb mesh is quite air restrictive. I cannot seem to be able to dump hot air out of the case quickly enough whilst gaming.
How about not using a legacy method to run those files? Systemd on reboot????
When using and email "In auth.txt" as username the connection fails to connect with status "Auth Failed", when passing the username and password manually connection works … any suggestions on how to bypass this? could be a character (@) on the username that makes it fail?
This video earned my subscription… Absolutely wonderful.
I not only liked the topic but the fantastic way of explaining it expanding the information
You don't need to type sudo bash every time. You can just type sudo <script> as you've defined the shell within the script with the #!. You just need to make the script executable with chmod +x <script>
FYI, OpenSSH is now available natively in Windows 10 from version 1809. You can simply SSH from a Command Prompt / PowerShell
https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse
Want a sponsor? For my own vpn i currently have its a ovh
'gateway4' doesn't need to be in brackets because it's not an array; you can't have more than one gateway. the other fields can support multiple entries per line, whether you use them or not.
Real questions – how do you daisy chain OpenVPN VPNs? Because there are issues with default gateway settings when you connect to VPN while being already connected to different VPN.
Putty is bloat, just use the terminal.
Is this all free?
Excellent tutorial. I came here because I'm interested in making a local VPN for other reasons. Couple comments:
The sysctl port forwarding would be better in a static file /etc/systctl.d/40-portforwarding.conf would be okay
echo "net.ipv4.ip_forward net.ipv4.ip_forward = 1" > /etc/systctl.d/40-portforwarding.conf
It'll now apply this setting on boot.
Then sysctl -p to enable it for the session (or reboot is fine)
Then you don't have to run the sysctl command in your start script.
Meanwhile, the /etc/rc.local hack was just… No..
Put the script in /usr/local/bin/startvpn.sh and use systemd properly 😀
Great tutorial. I use PIA. What change do need to make to the ovpn file? Or how should it look like (the command)?
Yaml square brackets denote arrays or lists. You can have multiple address and multiple nameservers so they're in brackets. You can only have one gateway so there are no brackets
Ok ..great.lost you at 2:24 what the fudge are u talking about.?thanks for nothing
One of these days (maybe April 1st) I want to hear him say "…as always, I'm Joe" and see how many people rewind.
This was great! Thank yoh
dam nord needs to throw you some duckets
I opened up Patty but she got mad..lol
Very nice tutorial. From somebody who is very well versed with linux, i can see how well you did this tutorial
My Pi-hole removed all the ad's from this video ! lol !
If I have openpyn connecting my raspberrypi to the best nordvpn server in my country, does it mean that I can just use the iptables script to make it into a gateway with a killswitch?
i have found with PIA best to use there DNS servers for you setup, also why not setup static ip address during the install of Ubuntu.
And now to make a docker container out of this 😀
Do you need a paid subscription to NordVPN for this?
Besides auth.txt, connect.sh and the config files, would everything else stay the same for different VPN providers like PIA?
Great information. Do you have a pfsense instructions ?
yay video
also it said you uploaded 14 minutes ago thats weird
So im confused what is the purpose of using a vpn when its still on the same network…
Your VPN gateway system is great as long as NordVPN does not sell your stored encrypted information to a 3rd party like your government. How could one create their own NordVPN like service provider?
Why do people still use putty? Windows10 had the OpenSSH Client as optional feature for years.
Hi, look at here https://github.com/StreisandEffect/streisand Could I use it to automate the installation process on my pi or ubuntu localhost server?
You need to chmod the rc.local file around https://youtu.be/xFficDCEv3c?t=880
sudo chmod +x /etc/rc.local
Apart from that amazing tutorial got up and running in no time using PIA! Thank you very much.
Most likely you don't need a VPN at all. However YouTubers love to suggest them for ad revenue. VPN is more for anonymity than security. Code run on websites runs on your machine locally regardless of VPN. Better do everything through a virtual machine too, but things can hop out of your virtual machine and into your main machine, so that's not secure either. No one is secure.
Why are you running a virtual server instead of running on a full system thats slower
OpenVPN just makes me appreciate WireGuard that much more.