How To Set up a VPN Server
Photo from Unsplash
Originally Posted On: https://mysoftwarebee.com/how-to-set-up-a-vpn-server/
There are currently around 5 billion people worldwide who use the internet.
Usage continues to grow as the internet becomes a more integral part of people’s lives. It’s used for work, entertainment, leisure, education, and more. One of the downsides, however, is the potential security risks it presents.
When connected to the internet, your computer may be vulnerable. If you know how to set up a VPN server, it can make you much safer. By using a connection that’s not secured, people could monitor your activity and view your data. A VPN will protect you from this.
Read on as we go over how to set up a VPN server using a range of methods, so you can determine how to best keep yourself protected.
What Is a VPN Server?
A VPN is a virtual private network, and it’s something people use to increase their safety, freedom, and privacy when using the internet. Any device, when connected to the internet, will transmit data in some way. A VPN can encrypt this data to keep it secure.
This encrypted data travels to an external VPN server, which then sends it on to the intended destination. A VPN server can be either physical or virtual and can provide services to users anywhere in the world. They’re made up of both software and hardware, and tend to have more logical and physical communications ports than other server types.
Why You Need a VPN Server
You have the option to use a commercial VPN, usually through a subscription service. These can be paid, but many also have free options. As you might expect, free VPNs are more limited, so they don’t meet the needs of some people.
One of the main appeals of a VPN is increased privacy, and free versions aren’t as secure as paid ones, so they may not be ideal for you.
Despite all this, you may not need to use an external VPN server, as it’s possible to create your own at home. By doing this you’ll be able to connect to your home network from anywhere, and you know the connection will be secure.
One of the main reasons to do this is because it costs more to subscribe to a premium VPN service. Another benefit is that a home VPN is disposable, so if you don’t need it anymore, you can just terminate it.
Because you’ll be hosting the server privately, it’s more secure than a paid service. Even though the data you send would be encrypted, you’d still be sending it to an external server. By using your own, you can be certain that no one will be able to see any information such as access logs, ensuring no third parties can get ahold of such info.
VPNs also offer some additional features. They’re popular for accessing geo-locked content, for example. You can use a VPN to access international libraries from streaming services, such as Netflix.
How to Set up a VPN Server
There are multiple ways of setting up a VPN server, but they all require some technical knowledge. If you’re not confident you’ll be able to do it, you may be better off using a paid service. With that being said, we’re going to go through these different methods, explaining how you can set up your own VPN server.
Windows 10 Built-In Server
The cheapest way to set up a VPN server is to use your computer. It means you won’t have to worry about buying any additional hardware. The drawback is that this does come with some limitations.
Firstly, the VPN server will only work while your computer is switched on. This means that if you want to access it from elsewhere, you need to leave your computer running the whole time you’re away from home.
Your router will need port forwarding to properly allow incoming connections to reach the right device. Setting this up means an additional process to make things work right.
Using the method below, your computer will be directly exposed to the internet, making it vulnerable to cyber-attacks and other security threats. To help protect it you should use an authentication password and another port forwarding method.
1. Set Up Your Computer
Navigate to the ‘Network Connections’ window, then click ‘organize’, ‘layout’, and ‘menu bar’ to get the menu bar to show up. On here, select ‘file’, then ‘new incoming connection’.
You’ll get a popup window where you can select the user accounts to connect to the VPN. It’s a good idea to use a separate account for the setup, giving it a strong password.
At the next window, you want to select the option to allow people to connect through the internet, and then you can choose which protocols you want to allow. You can opt out of ‘file and printer sharing’, for example. After this, your VPN will be up and running.
2. Set Up Port Forwarding
To connect to your VPN through the internet, you need to set up port forwarding. This will alloy our router to send the right traffic to your PC.
First, you need to get the IP address of the computer you’ve used to set the VPN server up. Then you can set the port forwarding for the PPTN protocol that links to this IP address. This is port 1723.
3. Connect to the VPN Server
You can now connect to the VPN server. Start by going to your network settings and selecting the VPN tab. From here you can add the VPN by doing the following:
- Set the VPN provider as Windows (built-in)
- Name the connection
- Enter the VPN server’s IP address
- Set the type as PPTP
- Choose the sign-in info
To sign in, you can use a username and password, a smart card, a certificate, or a one-time password. Once you’ve chosen, you can save this and the VPN will show up along with your other wi-fi connections.
Select your VPN, enter the sign-in details, and you’ll be connected.
OpenVPN on Windows
OpenVPN is an open-source VPN protocol – not to be confused with a dedicated VPN service like NordVPN.
You can get the OpenVPN installer from the official website, and run it once it’s downloaded. Select the ‘custom installation option and choose ‘EasyRSA 2 Certificate Management Scripts’.
You then want to configure it by doing the following:
- Open the command prompt (as an administrator)
- Locate EasyRSA – it will be in C:/Program Files/OpenVPN/easy-rsa by default
- Type ‘EasyRSA-Start.bat’ to launch it
- Use the command ./easyrsa init-pki to create a directory for the PKI (public key infrastructure)
- In the easyrsa folder, there’s a file called ‘vars.example’. Copy it as ‘vars.bat’ then open it in notepad.
- You can edit the file if needed
- Type the commands:
EasyRSA is now prepared for the certificates and key generation. To generate these, you need to enter the below commands in order:
- ./easyrsa build-ca nopass
- ./easyrsa build-server-full server no pass
- ./easyrsa build-server-full Client1 no pass
- ./easyrsa gen-dh
You’ll then be able to find the certificate files, keys, and Diffie-Hellman Parameters in this folder: C:/Program Files/OpenVPN/easy-rsa/pki.
The Diffie Hellman parameters are in the file dh.pem, and the CA certificate is ca.crt. The keys will be in the ‘private’ folder and the certificates in the ‘issued’ folder.
Configure OpenVPN Server
Locate the ‘config’ directory, and copy the following files into it:
Navigate to C:/Program Files/OpenVPN/sample-config and open the ‘server.ovpn’ file, where you can reconfigure the dh, key, and certificate file paths with what you actually have. You can then keep the default settings or make other changes if necessary, then save the file.
To use OpenVPN on other machines, you need to configure them individually. To do this, install OpenVPN on any machines you want to link, then copy the created files over from the server machine to the client machines (ca.crt, client.crt, and client.keys).
Then you need to copy over the ‘client.ovpn’ file and make any changes if needed. This file can be copied to any machine that needs to use the VPN server.
Connecting to the Server
With everything configured, you can start connecting by running the ‘Open GUI’ as an administrator. You’ll then be able to find the GUI in the bottom right corner of your screen. Click ‘show hidden icons’, ‘OpenVPN’, then ‘connect’.
OpenVPN also works on Ubuntu, and you can set it up using a very similar method to the Windows version. As with Windows, it’s a long-winded and complicated process.
You should only use OpenVPN if you’re confident with setting it up. There are a lot of steps where things can go wrong, so proceed with caution. TecMint has an in-depth guide on how to set up OpenVPN on an Ubuntu system.
A Raspberry Pi is a small, cost-effective computer, and you can do a lot with them. They’re capable of running OpenVPN, which is, again, a very complicated process. It can be made much easier, however, by using the PiVPN (an install script).
You can download this by going through the GitHub link on the PiVPN website. It still follows a process, but this guide can explain all the steps you need to take.
If, for whatever reason, you decide you don’t want the VPN on your Raspberry Pi anymore, it’s incredibly simple to remove. Just use the command ‘sudo pivpn uninstall’ and it will do the rest.
A Raspberry Pi isn’t expensive, so this can be a cost-effective VPN solution, and you can avoid using your main computer to run the VPN. This also means you won’t have to leave your computer running at all times, and Raspberry Pis are far more energy-efficient.
VPN Router With Built-In Server Capability
To avoid using a computer altogether, you can instead use a VPN router. It will need to have VPN server capability built-in. While a typical VPN router will support PPTP, you ideally want one that also supports more secure protocols like OpenVPN.
If you don’t already own one of these routers, this can be quite an expensive method compared to using a computer. Fortunately, it’s also easier to set up. For a router, you just need to follow these steps:
- Launch a browser from any computer on the router’s network
- Enter the IP address of the router
- Enter the router login details
- On the setting select either ‘setup page’ or ‘VPN Service’
- Click the checkbox to enable the VPN
Once the router is ready to go, you can set up the client. To do this you just need to download the configuration files, which can be found in the router control panel. Copy these files to any client devices, and you’ll be able to connect them.
Manually Flashing a Router
If you don’t want to buy a new router, you can flash the one you already have. This is the cheaper option, but it’s more complicated. It’s also only possible if your router supports flash firmware.
Some examples of this firmware include Tomato, OpenWRT, and DD-WRT. The firmware providers will have specific guides on their own websites.
The standard process starts with downloading the firmware file and connecting your computer to the LAN (local area network). Use the IP to login to the router as above, then head to the settings panel to find the router update/upgrade section.
From here you should follow the instructions on the firmware provider’s site. Once completed you can set up the certificate authority, then generate the server certificate/keys and client certificate/keys. Configure these, then download and install OpenVPN.
The last step is to import the client certificate and keys to any client devices, and then you can connect them to the VPN server.
Cloud Computing Service
With the increased adoption of cloud computing, this has become a popular option. You can use services like Google Cloud or AWS (Amazon Web Services) to rent VPS (virtual private servers).
This is one of the easiest methods, but there’s no way to get around the cost. Your data might also be less secure as you’re going through an external hosting service instead of your own network. The main advantage of this is that you don’t need to maintain the servers at all.
Each cloud provider will have their own guides on setting up a cloud-based VPN server, so follow their instructions.
Do You Need a VPN Server?
While this guide explains how to set up a VPN server, you should still be careful when doing so, due to how complicated the process is.
A VPN server isn’t always essential, but it’s one of the best ways to stay protected when using the internet. It can ensure no one can access your data or spy on your activities and reduces the risk of a cyber attack.
Using VPN software can make things much easier, and is an inexpensive, yet simple method of implementing a VPN. At My Software Bee, we compare some of the best VPN software available and even have special offers. If you want to know more about us, or you’re after some VPN server tips, click here to contact us today.