Turn the Pi into a VPN server. When connected to any public network, being able to VPN to the Pi at home provides you with security/privacy and all access to your home network (i.e., essentially connected to your home WiFi network while away from home).
- Update and Upgrade:
sudo apt update sudo apt full-upgrade - Install curl:
sudo apt install curl -y - Install PiVPN:
sudo curl -L https://install.pivpn.io | bash - Go through the install wizard and make sure you select WireGuard. If you have Pi-Hole, make sure you select "Yes" when it asks to use Pi-Hole's DNS server for the VPN.
- In your router settings, port forward the port
51820to your Pi's IP address. - Create your WireGuard profile:
sudo pivpn add
Install WireGuard on your computer from https://www.wireguard.com/install/. Next, enter the following into your SSH terminal. Remember to replace the section below with the profile name you created:
sudo nano /home/pi/configs/[PROFILENAME].conf
Copy everything in this config file and make the same .conf file on your Windows computer by pasting everything in it. Now open WireGuard and open this .conf that you just created. You can now connect to the VPN.
Install the WireGuard app. Next, enter the following into your SSH terminal:
pivpn -qr PROFILENAME
Then scan the QR code with your phone. You can now connect to the VPN.
Once activating the VPN, you should have internet access. If you are on a public WiFi network, go to https://www.dnsleaktest.com/ and take note of the IP address. Next, activate the VPN and run the test again. You should now see your home network's public IP address.
I recommend setting up a dynamicDNS for your router so your public IP address doesn't change.
- No internet access:
- run
pivpn -dand you may see a prompt saying "[ERR] Iptables MASQUERADE rule is not set, attempt fix now? [Y/n]", enter y.
- run
- Able to connect to WiFi but unable to access devices on the LAN:
- disable "Block untunneled traffic" within Wireguard client settings if you are on Windows.