Configure OpenVPN to Remotely Access Your Home Network

Recently I configured SSHd to run on one of my raspberry pi's at home, using Tor to make it accessible remotely even without a static IP, or custom forwarding rules with my routers. This time, I am going to accomplish a similar goal, however using OpenVPN and a cheap $5/mo server from Linode or DigitalOcean. (Next post we will discuss hosting websites from home using this VPN Tunnel).

What is the end goal?

Simply put, I want to host services (ssh, sftp), websites (http, https), & email (smtp, pop3, imap4) from my raspberry pi cluster at home, without purchasing a Static IP or using services like DynDNS. While DynDNS is awesome, there are some issues with DNS Caching which could make the cluster unavailable for periods of time.

OpenVPN Server Configuration

Install openvpn using apt-get

Replace the /etc/openvpn/server.conf with the option below

local [public-ip-address]
port 1194

proto tcp
dev tun

tun-mtu 1400
mssfix 1450

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.1.10.0 255.255.255.0

client-config-dir /etc/openvpn/staticclients
keepalive 10 120
comp-lzo

user nobody
group nogroup

persist-key
persist-tun
status /tmp/openvpn.log
verb 3

# tls-auth ta.key 0
key-direction 0

cipher AES-128-CBC
auth SHA256

Create SSL Cert & CA for server and clients

 

Read More

Bypass NAT without UPnP or Port Forwarding using Tor

2017-09-09 13:01 Tor, Administration, Networking

Have you ever needed to get applications running on a computer at home, available over the internet? I have several times, an SVN server, Chat Server, FTP server, testing HTTPd, SSH for my Raspberry Pi, just to name a few. The problem I have always face was configuring the router (or routers in most cases) to forward requests appropriately. And if I forgot to create an IP reservation for each device, come reboot time none of the configuration worked. It was a headache. Tor can actually fix this for us. While normally used for anonymity, it has some other cool features. Tor Hidden Service to be exact.

Read More