How to Setup a VPN on Raspberry Pi

Updated the 28 March 2018 - 10 Comments - , , , , , , ,

ⓘ Cet article peut avoir été partiellement ou totalement traduit à l'aide d'outils automatiques. Nous nous excusons des erreurs que cela pourrait engendrer.

This article follows the article released last week on the establishment of a personal seedbox. Indeed as suggested at the end of the article, it can be very interesting to make the Internet traffic of your seedbox anonymous through the use of a VPN. This article will nevertheless be useful to all those who wish to remain anonymous on the internet.

What is a VPN?

To remain simple, a VPN is a technology that allows to create a secure and anonymous connection between its user and its Internet browsing. This is made possible by the creation of a tunnel encrypted between the user’s computer and private networks elsewhere in the world. The user will therefore go out on the public networks with the IP address of the private networks to which he is connected and not his own.

How to choose a good VPN?

A VPN differs from the competition by several criteria. Price, speed, log retention, security, protocol used are the main ones. For this tutorial we will use the one that we consider the best of the market namely IPVanish. If we take the criteria mentioned just before, today it is the one that offers the best bandwidth and therefore the best speed, This means that your connection will absolutely never bridled because of the VPN. Moreover, it does not retain any logs which ensures total anonymity, the protocol used is simple to use and its price is very affordable. And if you look at the security side, the connection is encrypted in AES 256, in short, that good !

We strongly advise you to use  IPVanish  too as it will be simpler for you to follow our tutorial.

You should know that there are free VPNs. However we strongly advise against them because they are very restrictive. You are often very limited in connection speed and / or amount of data. Moreover the majority of free VPNs do not accept and block the protocol peer to peer what for a seedbox for example is very disturbing!

Implementation of IPVanish

IPVanish is a vpn that uses the openVPN protocol and its installation is simple! First, run the following command to install openVPN on your Raspberry Pi

sudo apt install openvpn

Next, you should avoid openVPN starting when the Raspberry Pi starts. To do this, execute the following command:

sudo update-rc.d -f openvpn remove

We will now prepare the Raspberry to receive the IPvanish files. Simply create a folder that should only contain IPVanish files. You can put it in your user’s folder. We will take for the example the basic user pi

mkdir /home/pi/vpn

Now that the folder is created, we will be able to download the openVPN configuration files from IPvanish. You can find the configuration files at . Please note that you must download at least two files. The file with the extension “crt” which corresponds to the certificate that will allow you to connect to the vpn and a file with the extension “ovpn” which will determine the ip that will have your Raspberry Pi on the public networks. You can find the location of the IP in the file name.

As part of this tutorial, we will download all files that are located in compressed folder

cd /home/pi/vpn 




Once all the files are downloaded we can launch the VPN with the command

sudo openvpn --config SERVER.ovpn

Replace the server with the destination of your choice. For example if you want to have an IP address in Stockholm just use this command

sudo openvpn --config ipvanish-SE-Stockholm-sto-a01.ovpn

All you have to do is fill in your IPvanish credentials and your Raspberry is completely anonymous.

It is possible that like us, during the first attempt you have this error:
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)

To fix it, you just have to restart your Raspberry Pi. And re-launch the vpn

sudo reboot

If you want to check the good behavior of the VPN, you can run the following command from another SSH connection to not turn off the VPN

curl; echo;

You will see that the IP of your Raspberry Pi will be different from that of your computer which you can verify by going to the address .

Launch the VPN in background task

As you probably notice, if you followed our tutorial to the letter, the VPN is not launched in background task and as soon as we leave the session SSH, the VPN stops what is not very practical . We will remedy this by launching the VPN via a screen.

What is a screen?

To simplify, screen is a command that allows to launch terminals on the server and thus to keep them if the SSH connection is cut. They can be found during a future connection. This will allow us never to close the terminal in which the VPN will be launched, and thus to be able to find it even by starting a new SSH connection.

Setting up the screen

It is necessary to first cut the execution of the VPN if it is running.

We will install the screen command on the Raspberry Pi if you do not have it yet.

sudo apt install screen

Now let’s create a screen that we will call “vpn”. This will allow us to easily find it during a future connection.

screen -s vpn

This command will create the terminal and directly attached us to it. We can therefore launch the vpn

Sudo openvpn --config ipvanish-SE-Stockholm-sto-a01.ovpn

It’s over, now if you cut the SSH, the VPN will still turn. During a future SSH connection you can find it using the command

screen -s vpn

So here you are with a perfectly anonymous connection and so keep your privacy what good news 🙂

5/5 - (1 vote)
Raspberry Pi FR
Join the Raspberry Pi community
A $35 computer already sold 10 million copies
Related tutorials
Create a Wi-Fi hotspot in less than 10 minutes with Pi Raspberry! Install Android on his Raspberry Pi How to install a web server on the Raspberry Pi (Apache + PHP + MySQL) Create a NAS with your Raspberry Pi and Samba How to recover the password of your Raspberry Pi if you lost it. 2018 Update.

  1. Kari says:

    Did anyone get this when executing screen -s vpn

    Cannot exec ‘vpn’: No such file or directory

  2. Compass says:

    Hey! This is my first raspberry pi project, and I’m a newbie trying this as a learning experience (hoping it will be functional as well). Forgive me for the dumb questions in advance. I followed your directions exactly but have no idea what you’re talking about when you get to checking the behavior of your VPN. I don’t know what an SSH connection is, and when I use Fing to pull up my ip address, it shows my native one. I’m assuming it’s not working? How can I know?

    1. To find your ip address you should look at your router admin interface. For SSH connection, we have make a tutorial that you can found here.

  3. sha says:

    hi i am a newbie to this i have ipvanish on my pc but what it to on my raspberry as i wish to make it a router.
    but it comes up with command not found when i type
    Sudo openvpn –config SERVER.ovpn

    i can’t get past this point

    1. Hey, have you correctly install openvpn as said in beginning of the article ? By the way you should have –config instead of -config.

  4. Thank you for this, having followed your tutorial on a terminal window that is on the PI3 linked to a screen, I can leave the window active and continue using the chromium browser, however after the login username and password to ipvanish (which correctly validated), the PI3 seems to lose the ability to do dns translations. From another terminal, i can still ping ipaddress but will not resolve. Error is Temporary failure in name resolution. Any sugestions

    1. The solution i found is to add the google DNS or/ and the open DNS to the resolv.conf.head file
      so sudo nano /etc/resolv.conf.head and insert
      Cntrl X
      enter accepting the save

  5. Karel T says:


    I get this error when running the command.

    pi@raspberrypi ~/vpn $ sudo openvpn –config ipvanish-SE-Stockholm-sto-a01.ovpn

    Options error: Unrecognized option or missing parameter(s) in ipvanish-SE-Stockh olm-sto-a01.ovpn:11: verify-x509-name (2.2.1)

    Where did you put your credentials?

    Thanks for the info!

    PS typo: it’s apt-get in the first command
    PPS be carefull: it’s sudo not Sudo.

    1. you must use double “-“.

Newsletter Sign-Up
Subscribe to the newsletter.
¿Te gustó este artículo?
¡Suscríbete y mantente informado!