Change the amount of memory given over graphics to 16 megabytes – we’ll be running this completely headless, so you don’t need graphic memory. Exit, and let’s setup some partitions on the USB. We’re going to setup at least two – one to use for the system so as to preserve the life of our SD card, and the other one for downloads to be stored. Figure out first which drive is your USB.
I have a question regarding access to the Pi once it is connected to the VPN. Currently everything is working on my Pi and I can SSH to it and use the Transmission WebUI while I am on my local network of 10.10.1.*, Now the issue I have been struggling to figure out is how to remotely access the Pi properly so I can use the WebUI. I have a Asus RT-AC68U as my main router and have a OpenVPN server running on it. This allows me to VPN into my house and access all my local devices. It is using tun as I need the Android support. This issue with tun is that it assigns a different IP to my clients - 10.8.0.* so when I try to SSH to the Pi or use the WebUI the VPN client on the Pi is redirecting this traffic over the Pi VPN and I never get back a response. I switched my VPN server to use TAP and DHCP of my local LAN and the issue was solved as in that configuration my client has a local LAN IP. I imagine I should be able to change the IPtables on the Pi so my 10.8.0.* traffic is not routed over the Pi VPN client but I cannot for the life of me figure it out. If anyone has any suggestions please point me in the right direction I have been reading for hours and hours with no luck.
I'm stuck. I'm using PrivateInternetAccess, did everything you said. When I initiate the VPN, the Pi runs through to the point where it says "Initializationtion Sequence Complete" - which isn't too bad - then I get a blinking cursor and that is that. A blinking Cursor. Then the Pi shuts down. The end. I repeated that circle 5 times, now I give up. For now. Maybe you have an idea?
Sounds like you may have white listed the wrong subnet, the default is only local host (127.0.0.1) and the author added a common subnet issued by Apple Routers (10.0.1.*). If you have a different router manufacturer you may have a different subnet (usually 192.168.1.*). Alternatively the host name isn't broadcasting correctly, have you tried connecting via the direct ip?
First of all, thanks for your tutorial. I set up my Raspberry Pi like you described. But the iptables configuration could be improved, I think. When I kill the openvpn process while downloading torrents, transmission continues but using my real ip address. Unfortunately I have never used iptables before. Do you have an idea how to configure iptables in a way that network traffic just stopps if there is no vpn interface?
Thanks for the guide! I am experiencing an issue. It doesn't seem like any of my changes are surviving a reboot. The VPN doesn't auto connect and the mounts don't seem to be correct. The VPN connects fine if I launch the script. My rc.local edits survive a reboot as well as changes to fstab. Also, a mount -a seems to mount fstab entries that exist but aren't mounting at system start.
The IP checking torrent should return an error, along with the IP address it detected. Make sure that isn’t your home IP – if it is, the VPN hasn’t been set up right. By default, any torrents you drop in the folder will be renamed to .added, and a .part file should be created until the transfer is finished. Verify this is the case in your shared folder.
Hi, James Great thanks for the nice instructions. I have learned a lot from it. I just would like to know what these two following commands do. "iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE and iptables -t nat -D POSTROUTING -o tun0 -j MASQUERADE" does it block all the internet access after vpn server is done?