setting up a VPN gateway PC

[GeorgeL]

Hello,


currently I use a Win 10 based PC with two ethernet ports. The first port is connected to my ISP. I run OpenVPN on the box, and when the connection to the VPN service is established, I "share" the second ethernet port to the first ethernet port. The second ethernet port is connected with a second router, so anyone connected to that router uses the VPN connection on the PC.

I try to explain it with a small diagram:

Router(ISP) --- (eth0 - PC running OpenVPN - eth1) --- (second router) === other PCs, smartphones etc. going through OpenVPN into the internet

My intention is to drop Win 10 from the next PC, replacing it with Mint.

It did some research on that topic over the last weeks, but it looks it's very complicated with Linux. Is this true, or is there a relatively simple way to accomplish that?

Thank you in advance for your help,

George

[phd21]

Hi "GeorgeL",

Welcome to the wonderful world of Linux Mint and its excellent forum !

It would help to know more about your system setup. If you run "inxi -Fxzd" and "lsusb" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.

As usual, there are a few different options for doing this, and whether or not it is legal or not in your country is up to you to find out.


1.) It is not that difficult to setup an "openVPN" server in Linux, see links below. There are many articles on this, here are three good ones below. I would recommend using updated "openvpn" packages. During the configuration, you should create the client ".ovpn" setup configuration file and the certificate and key files, so that you and or others can access your server(s).

How To Set Up an OpenVPN Server on Ubuntu 16.04, May 4, 2016
https://www.digitalocean.com/community/ ... untu-16-04

An Easiest Way To Install And Configure OpenVPN Server In Linux · APRIL 5, 2017
https://www.ostechnix.com/easiest-way-i ... ver-linux/

How To Setup OpenVPN Server In 5 Minutes on Ubuntu Server, Posted on June 27, 2016
https://www.cyberciti.biz/faq/howto-set ... 16-04-lts/


2.) You could do what many others around the world are doing and setup a vpngate softether server.

How to Provide Your Computer as a VPN Server for VPN Gate (Become a Virtual Internet Service Provider)
http://www.vpngate.net/en/join.aspx

Install on Linux and Initial Configurations
https://www.softether.org/4-docs/1-manu ... igurations

Older article - How to Setup a Multi-Protocol VPN Server Using SoftEther, November 19, 2013
https://www.digitalocean.com/community/ ... -softether



Hope this helps ...

[GeorgeL]

Good morning, phd21 -

thank you for your reply. As I never tamper with a running system, I've ordered parts for a new system. The old one (Win 10) runs on a Celeron N3510 (or something like that) and can only provide a bandwidth of 15 MBit from a cable line with 60 MBit, due to the protocol overhead of OpenVPN (encryption has its price). The new system isn't built as parts will arrive tomorrow, so this would be the earliest date to provide you with more information on the hardware in the system.

What I'm doing isn't against the law, and I've even checked with the VPN provider that using their service this way is fine with them.

The first thing I do not understand is the fact with the OpenVPN server. In the current setup, the users do not need to do anything special: they just connect to the second router, their requests are routed through the current gateway PC and are tunneled to the VPN service server.

Your example sets up a OpenVPN server on the gateway PC and would force them to use OpenVPN as well, which is something that will not work (my experience with people).

Maybe my question was asked to complicated (I tend to explain too much). I want the gateway PC to connect to the internet via eth0, and allow incoming traffic (from another router) on eth1, and this traffic routed via eth0 to an external destination. I assume that all traffic going through eth0 will be going through the VPN service, when VPN is up and running on eth0.


A word on Linux Mint: almost two years ago the Microsoft marketing reached their goal with me, and I decided to switch from Windows 10 to Linux, which is still a work in progress, but with progress. And the gateway PC is the next system where I want to drop Windows 10.


George

[PJO3]

You'll be much better off (lower electricity bill for one thing) setting up a raspberry pi running both PiHole and PiVPN (OpenVPN on an rpi).

Like you, I am not moving to Windows 10. We're becoming a Linux household.

PiHole will filter adverts for you for your entire network, with nothing to install on any device. It just needs your router to point to it for DNS. Works brilliantly and is a one line command install. Likewise for PiVPN. The most work, and it's not much, is in ensuring all remote connections by VPN use PiHole, so you get ad filtering on the go. I can post some links if you need.

[PJO3]

You'll be much better off (lower electricity bill for one thing) setting up a raspberry pi running both PiHole and PiVPN (OpenVPN on an rpi).

Like you, I am not moving to Windows 10. We're becoming a Linux household.

PiHole will filter adverts for you for your entire network, with nothing to install on any device. It just needs your router to point to it for DNS. Works brilliantly and is a one line command install. Likewise for PiVPN. The most work, and it's not much, is in ensuring all remote connections by VPN use PiHole, so you get ad filtering on the go. I can post some links if you need.