Before we start, here is a link to the PIVPN site http://www.pivpn.io/ also to Pi-hole: https://pi-hole.net/ and thanks to Loic74 - https://marcstan.net/blog/2017/06/25/PiVPN-and-Pi-hole/
Like most normal people I find the subject of backups and secure VPNs to be torturous and boring. I’ve covered backups elsewhere since discovering the absolute importance of being able to do them easily but only now have I discovered the fun and relevance of having my own domain blocker to stop some of the ads coming in.
Recently, after months of on and off investigation into VPNs (mostly off) I stumbled across PIVPN. For the majority out there who are turned off by the subject… this is REALLY, REALLY easy and the PI does a great job of being a VPN server while doing other jobs. It also easily handles Pi-hole and hence can do blacklisting and whitelisting for your whole network.
While out in Spain for the summer I installed (doddle) PIVPN onto the Raspberry Pi 3 board I use to control stuff (and which is hence on 24-7). Go to the link above and you’ll see this is a no-effort-or-skill install. Oh, your router, you need to direct one port to the PI.
I’m talking above about the “VPN SERVER” i.e. software that allows secure access to your stuff from anywhere (all your stuff). I then put an “OPENVPN “client” on my mobile phone. This needed a “certificate” and in the past that has always filled me with fear.
That’s it. Add a password and a certificate is generated. This is just a text file which you can copy to your mobile phone, computers etc. There really is nothing more to it than that.
Back in England, the novelty of talking to my kit in Spain on the mobile with lots of open ports soon wore off… so I put the OpenVPN “client” in my router so I could access Spain from any machine here with only one port redirection on the router. Sorted.
Last week, I did the reverse and installed PIVPN on a PI here in the UK. One more certificate and I was done. I cannot overstress how easy this was. I’ve looked at all sorts of solutions and this can’t be beaten for ease. The Pi is not wasted as it too is on 24-7 doing other stuff.
Clearly, testing this while inside the network is foolish – so I turned off the WIFI on my phone and used my mobile data package for the test. Worked a treat. I could access all my network stuff.
So now, instead of having a shedload of open ports for various control and monitoring systems remotely, I only need the one. All of this is free – a great project!
Putting that together with Pi-hole makes the investment in a Raspberry Pi3 a no-brainer – especially if that same Pi 3 is running the home control and thermostat display etc. No reason you could not do ALL of this on a Pi2 but I’m playing safe as I want it to do a LOT.
As I update this blog on my Windows 10 PC (which only today has been given the gift of a new 1TB hybrid C: drive and a new “normal” D: drive after many years of service with the original drives) – Pi-hole has reduced the incoming traffic on the web by a large margin without me noticing any missing stuff. MARVELOUS and thanks to an idea from Mr Shark I’ll soon have the stats for that on the little OLED display I ALSO have on the Pi.
This afternoon while on the road I had the VPN client running on my mobile and watched the stats as Pi-hole protected my phone. Up to now, reliability 100%
And here is the official video for Pi-hole… https://www.youtube.com/watch?v=vKWjx1AQYgs – just remember, this stuff is free. MAGIC.