But when I get to this section when we ‘tell the ddclient which address it needs to update’, something is going wrong, it seems.
I’ve updated the two specified ddclient files with the required changes, but when I check the status, it comes back like this instead of showing all the warnings and suchlike that are shown in the tutorial. I don’t know why it shows ‘please set run_daemon to true’ when it is set to true! When I look at my subdomain in freedns.afraid.org, the IP address is not updated as shown in the video.
Then I get stuck in some kind of a text box with a load of tildes, and I can’t seem to work out how to close it! I just have to close PowerShell and log back into the RP because I can’t work out the key combination to get back to the prompt. Very frustrating. I couldn’t work out how to paste text into the Nano window in PowerShell either.
I found this script installs openVPN and its requirement makes the task of setting up a VPN rather easy but im not toally sure if it works on a pi but worked fine on my VPS.
I use Wireguard and find it fast and reliable. Clients run on my Android phone and iPad. For DDNs I initially used NoIP but now run a CPanel updater script.
A VPN encrypts the traffic between your computer and the VPN endpoint. It does not do anything to encrypt or improve the security between the VPN server and the sites being accessed. So if you are hoping to encrypt traffic from your computer, your VPN server needs to be outside your ISP (So ISP servers are between your computer and VPN endpoint). In that case, ISP will see traffic coming from VPN server and won’t know it was from you.
Edit: I’ve got a bit of the way through the installation but would now need to choose between WireGuard & OpenVPN, and not sure which to choose. The latter is apparently recommended but seems more for mobile devices. Judging by the votes in this thread the other suggestion ITT seems to be more popular TBH.
To be honest I’ve abandoned the project now, as it doesn’t look like the RP can be used to get me any more privacy on the web. I thought I could use it to encrypt my web traffic so my ISP can’t snoop on my traffic and block sites, but it doesn’t seem to work like that. It seems the VPN on RP is more for remotely connecting to your home network and I don’t really need to do that. cheers
Edit: not sure why someone has seen fit to downvote me? If what I want to do actually can’t be done, then the only logical response will be to scrap the project. There’s no point ‘flogging a dead horse’.
Thanks, but it seems that I’m not going to be able to do what I wanted with it, so I’m abandoning the project unless I get any other suggestions how to do it. Anybody want to buy an RP in the UK HMU!
Edit: not sure why someone has seen fit to downvote me? If what I want to do actually can’t be done, then the only logical response will be to scrap the project. There’s no point ‘flogging a dead horse’.
A VPN encrypts the traffic between your computer and the VPN endpoint. It does not do anything to encrypt or improve the security between the VPN server and the sites being accessed.
Got that, thanks.
So if you are hoping to encrypt traffic from your computer, your VPN server needs to be outside your ISP (So ISP servers are between your computer and VPN endpoint). In that case, ISP will see traffic coming from VPN server and won’t know it was from you.
I’m kind of struggling with this though, TBH. Can I do it like this?
[local machine]<-->[VPN server on RP]<-->[ISP]<-->[endpoint]
I don’t think that can be right though, as surely my ISP needs to know every IP address to fetch from.
Edit: I’m really not convinced that diagram makes sense, as clearly there’s no way to force my ISP to ‘scramble’ the data it looks up from the endpoints I request. I suppose a commercial VPN works more like a proxy that they are fetching data for you and then sending it you in an encrypted form, via your ISP.
2- Once it finishes (should not take more than some secs deppending on your network speed), do this:
ls -l
3- That command will list all the files inside the current directory you’re in. If you see openvpn-install.sh in that list, you’re good and you can go to step 4.
4- Enter this in the command line and press enter:
sudo chmod +x openvpn-install.sh
5- Enter this in the command line and press enter:
sudo ./openvpn-install.sh
And then it should start the instalation. What you did, according to the text you pasted, did nothing because it didn’t find the openvpn-install.sh file because you pasted two commands in one lane and it didn’t download the file or because it didn’t change the execution permission of the file, I can not be 100% with the logs.
Personally I use OpenVPN. This is largely for historic reasons - Wireguard was still very much in development when I set up my VPN.
I buy the argument that Wireguard is better in some ways - but how much that actually matters for “typical” users is an open question.
I also use Zerotier, on the same network and it doesn’t conflict. The reason for this is that I have 2 locations, 90km apart with 11 (!) Pis across them. Zerotier was amazingly easy to set up and makes them all appear to be one a single LAN so they can “talk” to one another really easily.
So I use OpenVPN to give me my own VPN over public access points when on the move plus access to my “primary” location, and Zerotier to both join together and remotely manage the various devices.
I set mine up mine initially using a static IP address even though my isp allocated me a dynamic address. One I got everything set up I set up the noip account. Then a few weeks later I set up the cPanel script. I would recommend installing Wireguard, it is very straightforward. If you get stuck ask on the Raspberry Pi forums. You will sort it.
[local machine] ↔ [VPN server on RP] ↔ [ISP] ↔ [endpoint]
You can do it however it does not serve the purpose. Your data/browsing is encrypted on your local network only as RPi will send requests to your router ultimately going through ISP.
This setup is useful for devices outside your local network e.g. mobile phone on data network or your laptop on coffee shop hotspot. Your devices connect to RPi VPN so data network ISP or hotspot network ISP see only encrypted data & not real data.
[local machine] ↔ [ISP] ↔ [VPN on cloud] ↔ [endpoint]
If you are looking at encrypting local machine data so your ISP cannot see it, you need VPN in cloud (i.e. DIY VPN in cloud like DigitalOcean) or a commercial VPN. Since VPN is beyond ISP servers, all ISP see is encrypted data between you & VPN. It cannot see readily what you are actually browsing.
Thanks. I am having difficulty pasting into Nano via Powershell, which is a bit of a problem. The only way I could seem to do it was to right-click and it then appeared to run before I had even hit enter, or at least that’s how it seemed. I did find this from Google, but I couldn’t seem to get the hang of it.
Will just type your instructions in presently though, TY.
