network 26/04/2017


How to share VPN access to your local network? This is the idea of this article! My need was to be able to use multiple computers and only one VPN as part of my job.

Necessary material

  • 1 internet access (
  • 1 RaspberryPiZero (
  • 1 hour before


Download the latest version of Raspbian (based into Debian system) (700Mo) :

wget -O raspbian.img https://downloads.raspberrypi.org/raspbian_lite_latest


After download, install Raspbian on your microSD card, the "/dev/disk1" is my card. Waiting 5 minutes, and take a coffee:

dd bs=1m if=./raspbian.img of=/dev/disk1

At this step, do not remove your microSD card, for enable SSH service by default, create a empty file with name "ssh" on "boot" folder (on /dev/disk1s1 partition):

touch /Volumes/boot/ssh

After create file, umount your microSD card:

umount /Volumes/boot

After, unplug it and insert into your RaspberryPiZero.


After few minutes (booting system, 2/3 minutes), connect to your RaspberryPiZero with SSH command. For the first access, your RaspberryPiZero has a random IP address (assigned by DHCP server/box), use a pi username, the default password is raspberry (for me it's

ssh pi@

Change to root user (pi is on sudoers):

[root@raspberry:~] # sudo su -

Launch the update/upgrade system:

[root@raspberry:~] # apt-get update -y
[root@raspberry:~] # apt-get upgrade -y

Settings network adapter for use a static IP (for me it's use

[root@raspberry:~] # cat /etc/network/interfaces
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

# Configuration for loopback
auto lo
iface lo inet loopback

# Configuration for eth0
auto eth0
allow-hotplug eth0
iface eth0 inet static

Configure your hostname, for me it's "fw-vpn-gateway":

[root@raspberry:~] # hostnamectl set-hostname fw-vpn-gateway

Reboot to take account of the parameters:

[root@raspberry:~] # reboot


Reconnect on your RaspberryPiZero and change to root. For a personalize prompt with custom color, add this lines into ".bashrc" file:

# Personnalize my prompt:
export PS1="[\[\e[31m\]\u@\h\[\e[0m\]:\[\e[34m\]\w\[\e[0m\]] # "

Reload your profile:

[root@fw-vpn-gateway:~] # source .bashrc

Install defaults tools:

[root@fw-vpn-gateway:~] # apt-get install -y telnet curl wget htop nmap python python-pip python-dev python-easytools

Install OpenVPN

Install the OpenVPN package, it's fast:

[root@fw-vpn-gateway:~] # apt-get install openvpn

Enable service by default (on boot server):

[root@fw-vpn-gateway:~] # systemctl enable openvpn

Settings OpenVPN

The configuration files must be in the folder "/etc/openvpn". By default the folder contain only "update-resolv-conf" file. Create a new folder keys for your keys :

[root@fw-vpn-gateway:~] # mkdir /etc/openvpn/keys

And copy your profil files from your VPN service (for me it's my staff):

[root@fw-lbn-gateway:~] # tree /etc/openvpn/
├── keys
│   ├── staff.p12
│   └── staff.key
├── staff.auth
├── staff.conf
└── update-resolv-conf

The files keys/staff.p12 and keys/staff.key are my certificates. The files staff.conf is my generic configuration and staff.auth is my credentials.

Start service:

[root@fw-vpn-gateway:~] # systemctl start openvpn

I don't have a return information, it's normal, for view status, use:

[root@fw-vpn-gateway:~] # systemctl status openvpn

If you have a problem to starting service, please consult journalctl:

[root@fw-vpn-gateway:~] # journalctl --unit=openvpn -xe

Configure your computer

On your computer (Linux, macOS, Windows, Android, ...) you must change the settings os your network adpater to assign a fixed IP. You can use the same, instead the gateway will have to be modified for that of the RaspberryPiZero ( and not the box (

If the default configuration for all computes, change this settings on your DHCP server (by default it's your box assign IP into local network).




👨🏻‍💻 Tech Lead SRE. Like #Linux, #Apple, #Kubernetes, #Docker, #Unraid, #Traefik, #Hacking, #Chia. Member of @OpenChia Team 🌱 ¯\_(ツ)_/¯