OpenVPN Client on Raspberry Pi

Jamauk · 31 Mar 2017 at 20:58

I'm currently trying to build a VPN to a family members house using OpenVPN, the server side is setup on an Asus RT-N16 running TomatoUSB, devices can easily connect to this, so that side of things is all setup and running.

So, here's the questions:

Is it as simple as installing OpenVPN on the Pi, configure it as a client, connect it up on their network and then do static route on their router & forward port 1194 to the Pi?
My routers network is 192.168.1.xxx, theirs is 192.168.3.xxx. As the server is on my network my router shouldn't need any static routes as that is all dealt with by my router. Would theirs then need to be set as destination: 192.168.1.0 & gateway 192.168.3.Pi?

RoyMi6 · 31 Mar 2017 at 21:23

It's not totally clear where everything is in the network. A full diagram might help.

What ultimately are you trying to achieve with this?

Jamauk · 31 Mar 2017 at 21:28

I'll work on a diagram tomorrow. The ultimate achievement here is access to each other's networks, for file sharing (I know there are cloud solutions for this), RDP, etc.

PS; it'll also help when I'm asked to provide technical support and can't be bothered to go round and fix something.

Jamauk · 1 Apr 2017 at 12:11

Here's the diagram:

I couldn't find a pic of the Pi, so a pie chart had to suffice!
As you can see the plan is to use my router (Asus RT-N16 - Tomato v1.28) as the VPN server - something it is already doing, my devices connect to it just fine when away.
I want to connect to their network using the Pi as the VPN client and use a routing policy on their router to send traffic to 192.168.1.xx through the Pi. It's a bit of a fun project, but will also allow for file sharing/backups, etc. & yes I know there are cloud solutions for this.

bledd · 1 Apr 2017 at 12:18

http://www.pivpn.io

Then forward the port to the pi on your router.

Give the pi a local reserved (or static) IP.

Jamauk · 1 Apr 2017 at 12:36

The Pi will have a static IP, presumably you mean forward the port on their router (1194)? And then setup a routing policy on their router.

pc-guy · 19 Apr 2017 at 15:36

I am pretty sure the Pi has to operate as a router to direct all traffic through OpenVPN with your existing router in modem mode.

Jamauk · 19 Apr 2017 at 15:46

Thanks for the thread revival!

I was looking at this again last week, it's for my auntie & uncle who have zero computer knowledge and I'm frequently asked to come round and fix stuff (also a bit of a fun project for me). They have an ADSL2+ connection at around 3Mb/sec. I've just discovered I've got a spare Openreach modem and Asus RT-N16 with Tomato, I might just set that up at theirs the same as I have setup here, and setup the router at their end as a VPN client. Using that modem might even get them a better sync speed.

Phreaky · 19 Apr 2017 at 22:18

You can just configure the Pi with the OpenVPN client and manually configure each device to use the Pi as a gateway - there are quite a few guides that show how to do this: http://www.dickson.me.uk/2016/06/21/setting-up-a-raspberry-pi-as-a-vpn-router-updated/ is a good example.

I went a bit further and setup a Wifi hotspot with DHCP/DNS on the Pi and used iptables to tunnel all the wifi clients through OpenVPN. This way you can have a mini portable VPN hotspot that you can take abroad if you want to use iPlayer etc, just plug it into the ethernet port in the hotel room. No guide for that one though, I had to freestyle it.

The Pi 3 is pretty rubbish at OpenVPN though, it has no AES hardware acceleration. You can get about 20mbit max from it.