Old-school VPN on an raspberry PI

So I will be heading to Sweden in a couple of weeks, but I don’t really want my Roku to know that so that I can still watch shows that aren’t available in Sweden. So, I plan to build a VPN network using a rasperry PI.

My plan is to bust out an old-school VPN using PPP, SSH and SLIRP to tunnel the traffic to my home computer. The Pi will connect through ethernet to the router and provide an alternate wifi hotspot, and if you connect to that hotspot, your computer, roku or whatever will think it’s in the US.

I’ll be documenting my progress here. So far I’ve just assembled the Raspberry PI and downloaded Raspbian onto an SD card.

1 Like

Does something like pi-hole offer VPN settings?

No idea, never used pi-hole.

Now this is interesting. I was thinking of doing something similar but just the vpn at home thing.

On a side note I read somewhere that you can also turn a rpi into an add blocking filter that is plugged in between your cable coming in and your router.

That’s what Pi-hole is.

1 Like

Ah cool, it was a project I had earmarked a year or so ago but just didnt get round to doing it

You don’t have a router or wifi box you can setup VPN to??

My firewall is a linux computer, which can can be set up for any kind of VPN I wish.
The reason I’m thinking SSH/PPP/SLIRP is because it’s exceedingly simple.

1 Like

Do you have a fixed IP in your home? I would just use IPSec.

No, the IP is dynamic. However, it rarely changes and I have a cron job that posts my ip number to a known location so I can always find it.

My experience with IPSec so far has been that it’s very painful to set up and get to work.
But, to be fair, when I was trying to use IPSec last, the client was an android phone, not a raspberry pi.

The nice thing about slirp is that it’s all user-space, so there is no need to mess with routing. (Which is nice when you’re on a different continent…) Also, it does the NAT internally (because it has to, since it is user-space), so no need to set that up either.

That’s why I’ve always used OpenBSD for firewalls. It’s so simple, efficient and compact. And the pf implementation is amazing. They have pretty easy IPSec managers. Not for this but I would highly recommend that you try it. No admin that ever jumped went back to Linux.

Ok, so slirp is out.
I tried setting up a VPN, which was super-simple.
However, with slirp I wasn’t able to get more than 50kb/s through the VPN, even when using slirp-fullbolt which is supposed to disable any speed limitations.

Now I’m running pppd on both sides, which gives me speeds around 16mbit. Still not super fast, but a lot better at least.

1 Like