anonymous

How to Setup a VPN on Raspberry Pi

Mis à jour le 28 March 2018 - 9 Commentaires - , , , , , , ,

This article follows the article released last week on the establishment of a personal seedbox. Indeed as suggested at the end of the article, it can be very interesting to make the Internet traffic of your seedbox anonymous through the use of a VPN. This article will nevertheless be useful to all those who wish to remain anonymous on the internet.

What is a VPN?

To remain simple, a VPN is a technology that allows to create a secure and anonymous connection between its user and its Internet browsing. This is made possible by the creation of a tunnel encrypted between the user’s computer and private networks elsewhere in the world. The user will therefore go out on the public networks with the IP address of the private networks to which he is connected and not his own.

How to choose a good VPN?

A VPN differs from the competition by several criteria. Price, speed, log retention, security, protocol used are the main ones. For this tutorial we will use the one that we consider the best of the market namely IPVanish. If we take the criteria mentioned just before, today it is the one that offers the best bandwidth and therefore the best speed, This means that your connection will absolutely never bridled because of the VPN. Moreover, it does not retain any logs which ensures total anonymity, the protocol used is simple to use and its price is very affordable. And if you look at the security side, the connection is encrypted in AES 256, in short, that good !

We strongly advise you to use  IPVanish  too as it will be simpler for you to follow our tutorial.

You should know that there are free VPNs. However we strongly advise against them because they are very restrictive. You are often very limited in connection speed and / or amount of data. Moreover the majority of free VPNs do not accept and block the protocol peer to peer what for a seedbox for example is very disturbing!

Implementation of IPVanish

IPVanish is a vpn that uses the openVPN protocol and its installation is simple! First, run the following command to install openVPN on your Raspberry Pi

sudo apt install openvpn

Next, you should avoid openVPN starting when the Raspberry Pi starts. To do this, execute the following command:

sudo update-rc.d -f openvpn remove

We will now prepare the Raspberry to receive the IPvanish files. Simply create a folder that should only contain IPVanish files. You can put it in your user’s folder. We will take for the example the basic user pi

mkdir /home/pi/vpn

Now that the folder is created, we will be able to download the openVPN configuration files from IPvanish. You can find the configuration files at  http://www.ipvanish.com/software/configs/ . Please note that you must download at least two files. The file with the extension “crt” which corresponds to the certificate that will allow you to connect to the vpn and a file with the extension “ovpn” which will determine the ip that will have your Raspberry Pi on the public networks. You can find the location of the IP in the file name.

As part of this tutorial, we will download all files that are located in compressed folder configs.zip.

cd /home/pi/vpn 

wget http://www.ipvanish.com/software/configs/configs.zip 

unzip configs.zip 

rm configs.zip

Once all the files are downloaded we can launch the VPN with the command

sudo openvpn --config SERVER.ovpn

Replace the server with the destination of your choice. For example if you want to have an IP address in Stockholm just use this command

sudo openvpn --config ipvanish-SE-Stockholm-sto-a01.ovpn

All you have to do is fill in your IPvanish credentials and your raspberry is completely anonymous.

It is possible that like us, during the first attempt you have this error:
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)

To fix it, you just have to restart your Raspberry Pi. And re-launch the vpn

sudo reboot

If you want to check the good behavior of the VPN, you can run the following command from another SSH connection to not turn off the VPN

curl http://ipecho.net/plain; echo;

You will see that the IP of your Raspberry Pi will be different from that of your computer which you can verify by going to the address  http://ipecho.net/ .

Launch the VPN in background task

As you probably notice, if you followed our tutorial to the letter, the VPN is not launched in background task and as soon as we leave the session SSH, the VPN stops what is not very practical . We will remedy this by launching the VPN via a screen.

What is a screen?

To simplify, screen is a command that allows to launch terminals on the server and thus to keep them if the SSH connection is cut. They can be found during a future connection. This will allow us never to close the terminal in which the VPN will be launched, and thus to be able to find it even by starting a new SSH connection.

Setting up the screen

It is necessary to first cut the execution of the VPN if it is running.

We will install the screen command on the Raspberry Pi if you do not have it yet.

sudo apt install screen

Now let’s create a screen that we will call “vpn”. This will allow us to easily find it during a future connection.

screen -s vpn

This command will create the terminal and directly attached us to it. We can therefore launch the vpn

Sudo openvpn --config ipvanish-SE-Stockholm-sto-a01.ovpn

It’s over, now if you cut the SSH, the VPN will still turn. During a future SSH connection you can find it using the command

screen -s vpn

So here you are with a perfectly anonymous connection and so keep your privacy what good news 🙂

Share
Newsletter
Author:
Raspbian France
Join the Raspberry Pi community
A $35 computer, already sold at 10 millions copies
BUY THE NEW RASPBERRY PI 3
Related tutorials
Create a Wi-Fi hotspot in less than 10 minutes with Pi Raspberry! Install Android on his Raspberry Pi Create a NAS with your Raspberry Pi and Samba How to install a web server on the Raspberry Pi (Apache + PHP + MySQL) Install WordPress on a Raspberry Pi (with Nginx).
9 Comments
  1. Karel T says:

    Hello,

    I get this error when running the command.

    pi@raspberrypi ~/vpn $ sudo openvpn –config ipvanish-SE-Stockholm-sto-a01.ovpn

    Options error: Unrecognized option or missing parameter(s) in ipvanish-SE-Stockh olm-sto-a01.ovpn:11: verify-x509-name (2.2.1)

    Where did you put your credentials?

    Thanks for the info!

    PS typo: it’s apt-get in the first command
    PPS be carefull: it’s sudo not Sudo.

    1. you must use double “-“.

  2. Thank you for this, having followed your tutorial on a terminal window that is on the PI3 linked to a screen, I can leave the window active and continue using the chromium browser, however after the login username and password to ipvanish (which correctly validated), the PI3 seems to lose the ability to do dns translations. From another terminal, i can still ping ipaddress 216.58.223.35 but www.google.co.za will not resolve. Error is Temporary failure in name resolution. Any sugestions

    1. The solution i found is to add the google DNS or/ and the open DNS to the resolv.conf.head file
      so sudo nano /etc/resolv.conf.head and insert
      #GoogleDNS
      nameserver 8.8.4.4
      nameserver 8.8.8.8
      #OpenDNS
      nameserver 208.67.222.222
      nameserver 208.67.220.200
      Cntrl X
      y
      enter accepting the save

  3. sha says:

    hi i am a newbie to this i have ipvanish on my pc but what it to on my raspberry as i wish to make it a router.
    but it comes up with command not found when i type
    Sudo openvpn –config SERVER.ovpn

    i can’t get past this point

    1. Hey, have you correctly install openvpn as said in beginning of the article ? By the way you should have –config instead of -config.

  4. Compass says:

    Hey! This is my first raspberry pi project, and I’m a newbie trying this as a learning experience (hoping it will be functional as well). Forgive me for the dumb questions in advance. I followed your directions exactly but have no idea what you’re talking about when you get to checking the behavior of your VPN. I don’t know what an SSH connection is, and when I use Fing to pull up my ip address, it shows my native one. I’m assuming it’s not working? How can I know?

    1. To find your ip address you should look at your router admin interface. For SSH connection, we have make a tutorial that you can found here.

Share
Suscribe to Newsletter
Inscrivez-vous à la Newsletter.
Vous avez aimé cet article ?
Inscrivez-vous et restez informé !