In this complete guide, you will learn about how to set up a VPN at home.
Bellow we’ll be touching the following points:
- Why do you need your own home VPN server
- How to set up your VPN server on your computer
- How to use a router with built-in VPN server capabilities
- Set up a home VPN server by flashing your current router
- How to use a cloud service provider
- What are the disadvantages of setting up a VPN server on your own
VPNs or Virtual Private Networks help you anonymously surf the internet by establishing a secure connection between your device and the VPN server. There are several ways you can set up your own VPN server.
This way you can have remote access to your home network.
Related guide: What is a VPN and how does it work
The cheapest method is converting your personal computer into a home VPN server. There are a series of steps you need to follow for specific operating systems. The most straightforward method is to buy a router with VPN capabilities.
If you do not want to buy a new router, you can flash your router to make it a VPN-compatible router. Apart from these ways, you can use a cloud service provider like AWS to create your VPN server in the cloud.
Setting up your VPN server using either one of those methods may sound safer, but your devices could be compromised if you have missed the basic security configurations.
In addition, bandwidth changes in your home network can significantly affect the VPN connection. Therefore, it is safer to use a trusted VPN service provider at all times for all your VPN needs.
We usually subscribe to a commercial VPN service and connect to one of their remote VPN servers closer to our location. Sometimes you may be using a free VPN that may not be as secure as you expect and opt to subscribe to a paid VPN service for better privacy.
But, you do not necessarily need to pay for a VPN because you can also create your VPN server at your home. Then you can securely connect to your home network when you are away from home.
Setting up your VPN server is cheaper than paying for a premium VPN service as most methods like hosting charge for the compute services you use. Moreover, such VPNs are disposable, meaning that you can terminate your server after you have finished using it.
In addition to that, it will be secure than commercial VPNs because you are not providing your data to an external service that could be keeping your access logs and share with third parties for many purposes.
There are several ways you can achieve this. But, you need some technical knowledge on setting up a home VPN on your own, as it can be a tricky task.
In this guide, we are going to explain different ways you can create one. We will start with the most cost-effective method: turning your computer into a VPN server.
This method may be the cheapest way of creating a VPN server on your own as you do not need any external hardware, but there can be limitations.
Setup your Windows 10 Computer
Step 1: Open ‘Network Connections” window. Then click ‘organize’ and select Layout-> Menu bar.
Step 2: From the menu bar, select ‘File’->’’ New Incoming Connection.’
Step 3: Next, in the popup screen, select the user accounts you want to connect. We recommend you use a separate user account with a solid password to set up the VPN server so that your accounts will be safe. To do that, click on the “Add someone” button. After you have selected the user accounts, click on the “Next” button.
Step 4: Next, select the “Through the Internet” option to allow VPN connections to your computer over the Internet.
Step 5: Next, select the protocols on the list that should be allowed for incoming connections. After choosing what you want, allow access. If you do not want to allow the connections to access printers, opt-out ‘File and Printer sharing for network connections.’
Step 6: Next, select the protocols on the list that should be allowed for incoming connections. If you do not want to allow the connections to access printers, then opt-out ‘File and Printer sharing for network connections.’ After choosing what you want, allow access.
Now your computer acts as a VPN server, and it is ready to serve for connection requests.
Setup port forwarding in your router
The next task is setting up port forwarding in your router to connect to the VPN server via the internet. By setting up port forwarding, your router can send the specific traffic to your computer.
How to Improve Security?
Connecting to the VPN server
Step 1: Go to network and internet settings in windows ten and select VPN-> Add a VPN connection.
Step 2: Click on Add a VPN connection and do the following.
Step 3: Next, select the VPN connection you created in the taskbar network icon, select ‘connect,’ and enter the user credentials. Finally, you will be connected to your VPN server.
Install Open VPN
The first step of this method is downloading the OpenVPN installer for Windows directly from the Open VPN website. When you start the installation, make sure to do the custom installation and select “EasyRSA 2 Certificate Management Scripts”.
Configure EasyRSA to generate certificates and keys
Now we have prepared easyrsa for generating certificates and keys.
Generating certificate and keys
The next thing we have to do is to create the server and client certificates and keys. For that, execute the following commands one by one. First, build Certificate authority (CA) to sign the other certificates and keys.
1. ./easyrsa build-ca nopass
Build certificate and keys for server and clients as follows:
2. ./easyrsa build-server-full server nopass
3. ./easyrsa build-client-full Client1 nopass
Create Diffie-Hellman parameters
4. ./easyrsa gen-dh
After executing these steps, you can find the keys, certificate files, and Diffie-Hellman Parameters in the following folders.
C:/Program Files/OpenVPN/easy-rsa/pki – ca.crt (CA certificate) and dh.pem (Diffie Hellman parameters)
C:/Program Files/OpenVPN/easy-rsa/pki/private – server and client keys (server.key and client.key)
C:/Program Files/OpenVPN/easy-rsa/pki/issued – server and client certificates (server.crt, client1.crt)
Configure OpenVPN server
Configure OpenVPN clients
Connect to the VPN server
Now you have done all the configurations required for the VPN server and the client machines. Finally, run the “Open GUI” as administrator. Then you can locate that GUI in the bottom right-hand corner. Just click on the “show hidden icons” and “OpenVPN” icon and click on ‘connect.’
If you are an Ubuntu user, you can follow the same procedure followed in windows. Establishing the VPN server in Ubuntu is also a very complex and time-consuming process. For more details, you can refer to how to set up an OpenVPN server in Ubuntu. In summary, the following are the essential steps you need to follow for creating a VPN server in the Ubuntu server.
You can also use OpenVPN in Raspberry Pi to set up a VPN server. This is again a pretty complicated process if you directly install OpenVPN and manually fo the configurations. But you can quickly achieve this by using the install script PiVPN. In that process, first, you need to download the script from the PiVPN GitHub page.
This can make the configuration setup easier through a setup wizard. Follow up the build your own Raspberry Pi VPN guide to know exactly the steps to execute.
Apart from turning your own computer into a VPN server, you can also try the following methods, which will be more costly.
As described above, although it is cheaper, turning your own computer into a VPN server can be pretty cumbersome. In that case, another alternative solution is to use a VPN router with an integrated VPN server setup capability. It is good if the router you buy supports a more secure VPN protocol other than PPTP, like the OpenVPN protocol.
However, this can be expensive because if your current router does not have that capability, you may have to buy a new one.
Setting up your VPN router is relatively easy. In summary, the following are the essential steps you need to follow to set up your VPN router as a VPN server.
VPN Router Setup
VPN Client Setup
Once you have enabled VPN in the router, download and unzip the VPN configuration files for the clients from the router control panel, then copy the files to the client devices. Finally, you can connect to the VPN from client devices.
As in the second method, buying a VPN router can be expensive. But if you still need a VPN router without buying a new one, you can upgrade your current router by manually flashing it.
As flashing a router can be a tricky task, buy a pre-configured or pre-flashed router already flashed. But this option can be expensive.
First and foremost, toTo flash the router by yourself, you need to check if your router supports flash firmware like DD-WRT, OpenWRT, and Tomato. Then find out the instructions to follow on the firmware provider’s website.
As we are now in the cloud computing era, another method is to use a cloud computing service provider like Amazon Web Services (AWS), Google Cloud, DigitalOcean, Scaleway, etc., to rent out Virtual Private Servers (VPS). If you are using AWS services, you can get the first year free of charge if you are free tier eligible.
However, this can also cost you money. Another problem associated with this method is routing the traffic through the hosting service rather than your home network. But, on the other hand, you do not need to worry about maintaining the servers as the service provider does this task on your behalf.
Always make sure to follow the guides from the respective cloud provider when setting up a VPN server in the cloud. For example, you can set up an OpenVPN access server in amazon VPC to set up a VPN server in the AWS cloud.
Like in every method, creating and using your VPN server has several disadvantages.
Additional VPN guides you should check out:
Creating and maintaining your own VPN server can be a good idea to save the cost of using a commercial VPN. In this article, we described four different methods you can achieve.
Among all the methods, turning your own computer into a VPN server is the best choice as it is the most cost-effective and the most available method for yourself.
However, you need to consider many limitations associated with that method before venturing into it.
Why should you make your own VPN Server?
If you are someone concerned about routing instructions data through an external service, you can take charge of your data by using your VPN. If you have a business with private company files, a private VPN server can be an ideal solution to allow access only for company users.
Is your own VPN server always secure?
Commercial VPNs often use shared IP addresses providing a higher level of security for your connection. But our home VPN does not have that option as you can have only one IP address. As a solution, you can change the IP address frequently because this involves extra work.
How does DDNS help in setting up a VPN server?
DDNS or Dynamic Domain Name Systems is required if you have a dynamic IP address. Because Dynamic IPs are changing, having a DDNS helps you to have a fixed domain name that is easy to remember. With a DDNS setup, you do not have to re-configure your VPN server every time the IP changes.