Introduction
Raspberry Pi can be used as a VPN server to allow users to setup a secure tunnel from a remote client to the local network. Once a VPN tunnel is established between the Raspberry Pi and the client device, such as laptop, mobile device, ipad, itab, etc; if the port forward of router and access right is setup probably, then, the device can be accessed from local network or vice verse. I can successfully use pttpd software to setup VPN feature, and I will explain the setup step in the following.
Step 1. To make the latest update of the System:
$ sudo apt-get update
$ sudo apt-get upgrade
Step 2. Install the pttpd program:
$ sudo apt-get install pptpd
Step 3. Configure the pptpd:
3.1 Edit the pptpd.conf file by removing the “#” and place there the IP-address of the Raspberry Pi, for example 192.168.178.28 (which you should use your device’s ip address in your case):
$ sudo nano /etc/pptpd.conf
#localip 192.168.0.1 change to localip 192.168.178.28
3.2 Edit the pptpd-options file:
$ sudo nano /etc/ppp/pptpd-options
Add following at the end of the file (DNS-servers):
ms-dns 8.8.8.8
noipx
mtu 1490
mru 1490
Instead of 8.8.8.8 also 208.67.222.222 or 213.73.91.35 should work.
3.3 Configure internet traffic forwarding in your Pi to get access to your local network:
$ sudo nano /etc/sysctl.conf
Remove the “#”:
#net.ipv4.ip_forward=1 change to net.ipv4.ip_forward=1
3.4 Change the firewall entry:
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
3.5 Make it permanent in case of a reboot:
$ sudo crontab –e
Add following line at the lower end:
@reboot sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
3.6 add a user and password in “chap-secrets”. Both have to be the same as later on used in the smartphone client configuration. It is recommended to use a password longer than 13 characters:
sudo nano /etc/ppp/chap-secrets
Username[TAB]*[TAB]password[TAB]*
Example:
loginname * password *
3.7 Restart the VPN server:
$ sudo service pptpd restart
Client Connection Setup on Android Device
- Select ‘Settings’ -> ‘More Network’ -> VPN -> + (to Add VPN Configuration)
- Input VPN Name, Login Account, Password, and Select Type -> ‘PPTP’ Type
- Press ‘Connect’
Note: One port-forwarding in the router is still necessary. Enter your router menu and configure port-forwarding for your VPN-server IP address with port 1723 to port 1723,
Reference Information for pptpd VPN Setup
Bonus Information (OpenVPN Server Setup)
Many people use another VPN server software called OpenVPN to install on Raspberry Pi device. It is more secure than pttpd because it can use ssl for VPN connection, however, its setup is a little bit more difficult than pttpd. If you are interested in the OpenVPN setup on Raspberry Pi, I suggest you to take a look on the following web page: https://www.raspberrypi.org/forums/viewtopic.php?t=81657