How to set up your own home VPN server
In this complete guide, you will learn how to set up a VPN at home.
Below we will address the following points:
- Why do you need your own home VPN server
- How to set up your own VPN server on your computer
- How to use a router with built-in VPN server capabilities
- Set up a home VPN server by flashing your current router
- How to use a cloud service provider
- What are the disadvantages of setting up a VPN server yourself
>> If you are interested in setting up an OpenVPN server at home, click here to go to this section.
VPNs or Virtual Private Networks help you to surf the internet anonymously by creating a secure connection between your device and the VPN server. There are several ways you can set up your own VPN server.
This way you can remotely access your home network.
Related guide: What is a VPN and how does it work
The cheapest way is to turn your personal computer into a home VPN server. There is a series of steps that you have to follow for specific operating systems. The most straightforward way is to buy a router with VPN capabilities.
If you don’t want to buy a new router, you can update your router to make it a VPN compatible router. Apart from these methods, you can use a cloud service provider like AWS to create your own VPN server in the cloud.
Setting up your VPN server using either of these two methods may seem more secure, but your devices may be at risk if you miss the basic security configurations.
Additionally, bandwidth changes in your home network can greatly affect your VPN connection. Therefore, it is safer to use a reliable VPN service provider at all times for all your VPN needs.
Why do you need your own VPN server?
We usually subscribe to a commercial VPN service and connect to one of the remote VPN servers near our location. Sometimes you may use a free VPN which may not be as secure as you expect and opt to subscribe to a paid VPN service for better privacy.
But, you don’t necessarily need to pay for a VPN because you can also set up a VPN server in your home. Then, you can safely connect to your home network when you’re away from home.
Setting up your own VPN server is cheaper than paying for a premium VPN service as most methods such as hosting fees for the computing services you use. Moreover, these VPNs are disposable, which means that you can terminate your server after you are done using it.
In addition, it will be safe from commercial VPNs because you do not provide your data to an external service that can keep your access logs and share them with third parties for various purposes.
There are several ways you can achieve this. But you do need to have some technical knowledge about setting up a home VPN on your own, as it can be a difficult task.
In this guide, we’ll explain the different ways you can make one. We’ll start with the most cost-effective way: turn your computer into a VPN server.
How to set up your own VPN server using your computer?
This method might be the cheapest way to create a VPN server on your own since you don’t need any external hardware, but there can be limitations.
- You need to make sure that your computer is constantly running on your computer. Because if the computer is turned off, there is no way you can log into it.
- You will need to set up port forwarding for your router.
- We are using Microsoft’s built in VPN server hosting functionality that uses the unsecured VPN protocol PPTP for this method. In this setup, you need to expose your computer directly to the internet, through which your computer can become vulnerable to cyber attacks. Thus, if you are using this method, use a strong password for authentication and a different method for port forwarding.
Create a VPN server in Windows 10 using Windows Embedded Server
Set up your Windows 10 PC
Step 1: Open the Network Connections window. Then click Organize and select Layout->Menu Bar.
Step 2: From the menu bar, select “File” -> “New incoming connection”.
Step 3: Then, on the pop-up screen, select the user accounts you want to connect to. We recommend that you use a separate user account with a strong password to set up the VPN server so that your accounts are secure. To do this, click on the “Add someone” button. After selecting the user accounts, click the Next button.
The fourth step: Next, select the “Online” option to allow VPN connections to your computer over the Internet.
Fifth step: Next, select the protocols in the list that should be allowed for incoming connections. After choosing what you want, allow access. If you do not want to allow connections to access printers, unsubscribe File and Printer Sharing for Network Connections.
Sixth step: Next, select the protocols in the list that should be allowed for incoming connections. If you do not want to allow connections to access printers, unsubscribe from File and Printer Sharing for Network Connections. After choosing what you want, allow access.
Now your computer acts as a VPN server, ready to serve for connection requests.
Set up the forwarding port in your router
The next task is to setup port forwarding in your router to connect to the VPN server over the internet. By setting up port forwarding, your router can send certain traffic to your computer.
- Find the IP address of the computer on which you have set up the VPN server
- Log in to your router from the web. Then set up port forwarding for port 1723, which is the PPTN protocol for your computer’s IP address.
How do you improve security?
- Set a firewall port forwarding rule that only allows traffic from specific IP addresses
- Use an external port to connect to port 1723 to connect through this external port, protecting the VPN servers in the default port.
Connect to a VPN server
Step 1: Go to network and internet settings in windows 10 and select VPN->Add VPN connection.
Step 2: Click Add VPN Connection and do the following.
- Choose Windows (Embedded) as VPN Provider
- Enter a contact name of your choice
- Enter the IP address of the VPN server you set up
- Select VPN Type as PPTP
- Enter the type of login information. You can enter a username and password, one time password, certificate or smart card. Enter your username and password in the boxes provided if you choose username and password for the login option and then save. Then your VPN connection will be listed with wi-fi connections.
Step 3: Next, select the VPN connection you created in the taskbar network icon, select Connect, and enter the user’s credentials. Finally, you will be connected to your VPN server.
Create a VPN Server in Windows 10 Using OpenVPN
Install Open VPN
The first step in this method is to download the OpenVPN installer for Windows directly from the Open VPN website. When the installation starts, be sure to perform a custom installation and select “EasyRSA 2 Certificate Management Scripts”.
Configure EasyRSA to generate certificates and keys
- Open Command Prompt as Administrator
- Go to C:/Program Files/OpenVPN/easy-rsa
- Run EasyRSA by typing the command “EasyRSA-Start.bat.”
- Create a directory for Public Key Infrastructure (PKI) using the . command
- Copy the vars.example file located in the easyrsa folder as vars.bat and open the file in notepad
- Edit the following line as you need and save it
- Then type the following commands
./easyrsa clean for everyone
Now we have set up easyrsa to generate certificates and keys.
Generate certificate and keys
The next thing we need to do is generate server and client certificates and keys. So, execute the following commands one by one. First, build the CA to sign certificates and other keys.
1. ./easyrsa build-ca nopass
Generate certificate and keys for server and clients as follows:
2. ./easyrsa build-server-full server nopass
3. ./easyrsa build-client-full Client1 nopass
Create Diffie-Hellman Parameters
After performing these steps, you can find the keys, certificate files, and Diffie-Hellman parameters in the following folders.
C: / Program Files / OpenVPN / easy-rsa / pki – ca.crt (CA certificate) and dh.pem (Divie Hellman parameters)
C:/Program Files/OpenVPN/easy-rsa/pki/private – server and client keys (server.key and client.key)
C:/Program Files/OpenVPN/easy-rsa/pki/issued – server and client certificates (server.crt, client1.crt)
OpenVPN Server Configuration
- Copy the following generated files to the “config” directory in the OpenVPN folder
- Open “server.ovpn” located in C:/Program Files/OpenVPN/sample-config
- Replace the following path for the key, certificate, and dh file with the actual paths. for example
ca “C: \ Program Files \ OpenVPN \ config \ ca.crt”
- Configure other options as you need. If not, keep the default settings and save the file in the configuration directory.
Configuring OpenVPN Clients
- Install OpenVPN on all client devices
- Copy the following files created in the server machine to the configuration folder in the OpenVPN folder of each client machine
- Make a copy of the file client.ovpn” located in C:/Program Files/OpenVPN/sample-config
- Edit the file as required and save it to the configuration folder.
- Copy the edited client configuration file to all clients connected to the server computer
Connect to a VPN server
You have now finished all the required configurations of the VPN server and client devices. Finally, run “Open GUI” as administrator. Then you can locate the GUI in the lower right corner. Simply click on “Show hidden codes” and “OpenVPN” and click on “Connect”.
Create a VPN Server in Ubuntu
If you are an Ubuntu user, you can follow the same procedure as for windows. Setting up a VPN server in Ubuntu is also a very complicated and time consuming process. For more details, you can refer to How to Setup OpenVPN Server in Ubuntu. In short, here are the basic steps that you need to follow to create a VPN server in Ubuntu server.
- Install OpenVPN
- Install EasyRSA
- Create a PKI . Directory
- Prepare a reference certificate
- Generate server certificate and keys
- Create client certificate and keys
- Configure the OpenVPN server by providing the customizations you need in the configuration file.
- Set IP forwarding to properly route IP traffic.
- Adjust your firewall configurations to allow OpenVPN to know where to route traffic from clients.
- Start the configured OpenVPN server
- Create and install client configurations
Turn your Raspberry Pi into a VPN server
You can also use OpenVPN in your Raspberry Pi to set up a VPN server. This is again a very complicated process if you install OpenVPN directly and do the configurations manually. But you can quickly achieve this with the PiVPN installation script. In the process, you first need to download the script from the PiVPN GitHub page.
This can make setting up the configuration easier through the setup wizard. Continue to build your own Raspberry Pi VPN guide to know the exact steps to implement.
Apart from turning your computer into a VPN server, you can also try the following methods, which will be more expensive.
Use a VPN router with built-in VPN server capability
As explained above, although it is cheaper, turning your computer into a VPN server can be quite cumbersome. In this case, another workaround is to use a VPN router with the ability to set up an integrated VPN server. It’s a good idea that the router you buy supports a more secure VPN protocol other than PPTP, such as OpenVPN.
However, this can be costly because if your current router does not have this capability, you may have to buy a new one.
Setting up your own VPN router is relatively easy. In short, here are the basic steps that you need to follow to setup your VPN router as a VPN server.
VPN Router Setup
- Start a browser window from…