Configure OpenVPN to Remotely Access Your Home Network

Recently I configured SSHd to run on one of my raspberry pi's at home, using Tor to make it accessible remotely even without a static IP, or custom forwarding rules with my routers. This time, I am going to accomplish a similar goal, however using OpenVPN and a cheap $5/mo server from Linode or DigitalOcean. (Next post we will discuss hosting websites from home using this VPN Tunnel).

What is the end goal?

Simply put, I want to host services (ssh, sftp), websites (http, https), & email (smtp, pop3, imap4) from my raspberry pi cluster at home, without purchasing a Static IP or using services like DynDNS. While DynDNS is awesome, there are some issues with DNS Caching which could make the cluster unavailable for periods of time.

OpenVPN Server Configuration

Install openvpn using apt-get

Replace the /etc/openvpn/server.conf with the option below

local [public-ip-address]
port 1194

proto tcp
dev tun

tun-mtu 1400
mssfix 1450

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.1.10.0 255.255.255.0

client-config-dir /etc/openvpn/staticclients
keepalive 10 120
comp-lzo

user nobody
group nogroup

persist-key
persist-tun
status /tmp/openvpn.log
verb 3

# tls-auth ta.key 0
key-direction 0

cipher AES-128-CBC
auth SHA256

Create SSL Cert & CA for server and clients

 

Read More