One part of working with the Internet of Things is the difficulty of connecting to devices in your home when you aren't in your home network. I face this difficulty every week when travelling around — I need to run tests and build Internet of Things demos, yet I'm not home to do so! I decided to turn my Raspberry Pi into a VPN so I could connect to my home network remotely. Here's how you can do the same thing using an OpenVPN installer called PiVPN.
You can run through the following tutorial using either the Terminal on your Pi or using SSH to connect to your Raspberry Pi remotely. If you aren't quite sure how to SSH into your Raspberry Pi, I have a short guide on how to SSH into a Raspberry Pi which might help! If you do not have a static IP address set up on your Pi, I'd recommend working directly on your Pi (otherwise, it's likely your IP addresses will change during the process to a static IP and kick you out of your SSH session!).
Starting the Install Process
To get started, we run the following command in our Pi's terminal (either via SSH or directly on the Pi):
[code language="bash"]
curl -L http://ift.tt/29vfGJv | bash
[/code]
Important Note: This command parses a random script downloaded from the web directly into your Pi's bash. That can be incredibly dangerous if you do not trust the installation source as it will run whatever code you give it straight away. I haven't gone through and vetted their bash command line by line (I trust them!) but it is available to look through on their GitHub under install.sh within the auto_install folder if you have any concerns.
Running that command will open a slightly nicer looking text-based GUI that starts with a simple prompt:
Once you've hit Enter, you'll be taken to another screen which will point out that a static IP address is important for this VPN service to work — if you do not have a static IP for your Pi, your router won't have an IP address to forward VPN functionality to. Don't have a static IP on your Pi? Don't worry — the automated installer will set up a static IP for you soon.
Hit Enter to go to the next screen:
Be careful on this screen — hitting Enter will take you to the next screen, rather than making a selection in the two radio button options. I made this mistake during the install process and it gets messy to restart the install process to change it!
In the interface selection, you can choose whether you'd like to set the VPN up on your ethernet connection (eth0) or your Wi-Fi (wlan0). I personally choose Wi-Fi as my Pi isn't close to my router. If you can connect the Pi via ethernet, this will be much better for speeds! To choose an option, move your selection with the arrow keys and select it with the Spacebar. Then click Enter to go to the next screen.
This screen confirms your current IP address for the Pi. I personally wanted to change my Pi's IP to something more memorable, so I clicked the arrow key to move my selection to <No> and hit Spacebar to select it. I then hit Enter to go to the setup to change my Pi's static IP.
In this screen, you'll enter in the static IP address you'd like your Pi to have. I chose 192.168.0.31. Once you've got the IP address you'd like, hit Enter.
In this screen, you'll need to enter in the IP address of your router or default gateway. This will depend on your network setup but a lot of the time this will be 192.168.0.1. If you aren't sure, try entering whatever IP address you enter to get to your router's config page in your browser. Once you've got this entered in, hit the Enter key.
Hit Enter on this screen to confirm your IP address settings are correct. They should look similar to my ones above if your home network is set up to the defaults of most home networks. If not, chances are high that you already know your own settings.
The visual GUI style interface will then disappear and you'll see in the Terminal that your settings are confirmed in the text shown. Wait a bit as it performs these actions to set a static IP and so on. If you have SSHed in and just changed your IP address... chances are this is where you'll get stuck because your connection will get dropped! If this happens to you, run through the process again but connect to the static IP you set up this time around.
Once PiVPN's network setting adjustments are done, it will bring you back to a nicer looking screen.
This screen above is just notifying us that we will soon choose our VPN's local user. Hit Enter to begin and move to the next screen.
In this screen, if your Pi is set to defaults you'll likely only have one option — the pi user. If that's the case, hit Enter! If you've got a custom user set up and want to set things up through that, select that user via the arrow keys and hit Spacebar. Then once that user is selected, hit Enter.
This next screen is advising you of something that is incredibly important to pay attention to! Setting up your Pi as a VPN means it will have a port open to the wider internet. This comes with serious responsibility — if security issues arise, your Pi is potentially open for anyone to access. Access to your Pi as a VPN means something incredibly dangerous depending on how your network is set up — it likely means access to your whole home network. For this reason, PiVPN recommends turning on unattended upgrades which will automatically update security packages at the very least. It is important to note it is still your responsibility to watch for security vulnerabilities in the press and keep an eye out for strange activity on your network. You can set up most routers to show logs of connections and so on — keep an eye on these things and more.
Continue reading %Setting up a Home VPN Server Using Your Raspberry Pi%
by Patrick Catanzariti via SitePoint
No comments:
Post a Comment