Defining IT
A VPN connection at home is the focus of this article but let’s first see what it means, in as plain of English as we can.
Definition of VPN: a private computer network that functions over a public network : VIRTUAL PRIVATE NETWORK – Merriam-Webster
At your home, you can connect between computers privately in your house (on your private network) and connect to the internet with at least some level of security, as long as you are keeping your computers, routers and modems all patched and up to date. This is not always the case when you are out somewhere and decide to connect to a public wi-fi. Not only that but when you connect to a public wi-fi that data that you transmit when using the internet is not always secured. If any connection in the link is compromised so is your data. What data? Things like passwords you type, banking information, etc.
A VPN connection will encrypt that data, creating a “tunnel” to flow from end to end. If any point in the public wi-fi connection is compromised, your data is safe because no one can see it due to the encryption. How does it look when I connect to a public wi-fi without a vpn.
Device <=> Public Wi-fi <=> Their Internet provider <=> Internet
If you connect via a VPN back to your home, it looks like this:
Device <=> Data Encrypted at VPN client on device <=> Public Wi-fi <=> Their Internet provider <=> VPN Server <=> decrypted <=> Home internet
Needed
- A server/desktop running a flavor of linux
- A static ip address or a domain name ( NO-IP is a free alternative to a domain name if your IP is not static)
- Docker installed on OS
- Port 1194 open
- A device with a client for Open VPN installed
Setup
We will use the most popular Docker image for Open VPN kylemanna/docker-openvpn. For persistence and convenience, we need to store our VPN’s private key in a Docker volume, named ovpn-data-family
. It is basically a folder that will be shared by all OpenVPN containers. One advantage is that you can remove the container or run OpenVPN commands in parallel.
OVPN_DATA="ovpn-data-family" docker volume create --name $OVPN_DATA
In the following line enter your static IP address or the domain name you will be using in place of public-ip-or-domain
PUBLIC="public-ip-or-domain" docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://$PUBLIC
After entering the following line, you will be prompted to enter a password. DO NOT FORGET IT.
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki
For each device(client) you want to use you will need to run the following line for each. Give each a unique name in place of my-laptop.
CLIENT_NAME="my-laptop" docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENT_NAME nopass
The following code will create your config file for that specific device. It will be created in the directory that you run this command from. Transfer it to your device, i.e., laptop, phone, etc. Run this for each device to use with OpenVpn client.
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_getclient $CLIENT_NAME > $CLIENT_NAME.ovpn
Showtime
Time to run the VPN server…
docker run -v $OVPN_DATA:/etc/openvpn --name openvpn --detach -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
To see if the VPN is running you can type the following:
docker ps
Conclusion
If you have gotten this far you should have a running VPN that you can connect to from your phone or other device. You just start the client OpenVPN using the exported file from the process above and you should be connected. To verify you can go to http://www.ifconfig.me and you should see your home IP address while connected.
Find more posts on https://notposted.com
No Comments on "VPN connection at home"