Are any of you guys tech savvy? Need VPN help.

Anything not covered elsewhere.
Post Reply
Message
Author
User avatar
Seth
Posts: 2730
Joined: Thu Sep 10, 2009 8:06 pm
Location: Sacramento, California, USA
Contact:

Are any of you guys tech savvy? Need VPN help.

#1 Post by Seth »

This whole thing started with a Raspberry Pi.

My ISP is a public ISP, hosted by a Marina/Resort, and their provider is AT&T.

I bought a Raspberry Pi 400 and set up the Pihole DNS server on it. In order to get it to work with all my stuff, I set up a WISP connection in a router I had laying around. Ad blocking is pretty good on it's own. Even in-app adds on my phone are gone when I'm connected to my Network.

But, then I went and got greedy. I want to set up a VPN host on the Raspberry Pi so I can have ads blocked on my phone wherever I am, or on my laptop when I'm out of town.

I chose Softether VPN because it's supposed to work from behind firewalls and doesn't need any port forwarding (remember, my ISP is public). It's downloaded and setup on the Pi, but for the life of me, I can't secure a connection to the VPN except that I'm able to access the VPN server on the Pi through their server GUI on my PC. GUI says it's active.

I think I set everything up right, but obviously something's wrong. I'm supposed to be able to use the VPN functionality that's already in my phone and Win10 PC to connect without having to download any connection apps or anything like that. But, I'm getting absolutely no joy. I feel like it's probably something that would be obvious to someone that knows what they're doing.

I'm not to the point of utter frustration yet. But, hours and hours of searching and trying isn't proving fruitful. Is any of this more than Greek to you? Any of you wanna jump on a team viewer and take a look?
Build in process - 2 WH6, one Alpha 6a loaded, one PRV Audio 6MB250-NDY loaded

Two 2x6 shorty SLA Pro's
One T39, 16", 3012LF loaded
Tall AutoTuba, 20" wide, 2x 8" MCM 55-2421
TruckTuba, 8½" wide, 2x 8" MCM 55-2421

tallevan
Posts: 91
Joined: Sun Oct 20, 2019 12:15 pm
Location: London, England

Re: Are any of you guys tech savvy? Need VPN help.

#2 Post by tallevan »

Hi Seth.

I run a pihole. Works great.
You remind me I should update it, it's been running without a reboot for 9 months.

Do I understand you are trying to run other stuff on the pi?

I'd try first to not do that. Just run a vanilla pihole and connect into your network through the VPN server that is almost certainly on your broadband router.

Try doing this with a laptop first, then try with your phone.

Evan

jimbo7
Posts: 849
Joined: Fri Dec 28, 2012 10:45 am
Location: St. Louis

Re: Are any of you guys tech savvy? Need VPN help.

#3 Post by jimbo7 »

Image

But seriously, if I ever have a question like this I go to reddit for help. I recently spent hours and hours searching and asking for help to get a pi board to communicate with my 3d printer. Somehow with dumb luck I got it working. Networking is Latin to me. I feel your pain and send good vibes your way.
BFM builds:
XF212
T24 BP102 24"
2x SLA's 6-5" mids, 9- gt-302's
2x AT 14" MCM 55-2421
TrT 5" MCM 55-2421
AT 18" JBL GTO804
2x OT12 flat array
2x SLA Pro 2-Alpha 6's 2-Goldwoods
2x T39 24" 3012lf
Simplex 10 BP102

User avatar
Chris_Allen
Posts: 3355
Joined: Wed Jul 11, 2007 2:43 pm
Location: Huddersfield, UK

Re: Are any of you guys tech savvy? Need VPN help.

#4 Post by Chris_Allen »

How are you routing traffic on your network to the Pi? Have you redefined the Pi as your Gateway?
Built:
6xDR200, 2xT39, 2xT48, 2xJack110, 1xOmni10.5, 1xAutotuba, 1xT18, 1xSLA Pro, 1xW8, 1xW10

tallevan
Posts: 91
Joined: Sun Oct 20, 2019 12:15 pm
Location: London, England

Re: Are any of you guys tech savvy? Need VPN help.

#5 Post by tallevan »

Seth can describe his very complex network topography, but a pihole is a bit of free software that transforms a Raspberry Pi into a network device called a DNS Sinkhole.

It's pretty simple. You plug it into your network with an ethernet cable and it's own IP address.
It becomes your DNS server. So you configure your router to point to it rather than the usual ISP or public DNS server on the interweb.
When you access a website on your network, all URLs resolve through the pihole. Outwardly, it uses a public DNS server to resolve normally.
But it keeps a blacklist of IP addresses that serve ads, malware and tracking crap. All the ads that show up on your browsing are actually served up by a surprisingly small list of IP addresses.
Since they come back through the pihole, it just dumps all the traffic from these blacklisted IP addresses into a hole. The ad vendors have delivered the ads, but you never see them.
Your webpage displays normally, just without ads.

Your browsing becomes much more zen. You can tune it to let some ads through, and of course you can add this site to a whitelist so the ads are still served.

Evan

User avatar
Seth
Posts: 2730
Joined: Thu Sep 10, 2009 8:06 pm
Location: Sacramento, California, USA
Contact:

Re: Are any of you guys tech savvy? Need VPN help.

#6 Post by Seth »

Chris_Allen wrote: Thu Feb 03, 2022 4:19 am How are you routing traffic on your network to the Pi? Have you redefined the Pi as your Gateway?
I've routed the DNS settings in the router to the Pi for the Pi Hole, and the Pi Hole works well for the home network. But, redefining the Pi as my gateway is something I haven't done, if that's something different. Could that be what's throwing a wrench in getting the VPN server functioning?
Build in process - 2 WH6, one Alpha 6a loaded, one PRV Audio 6MB250-NDY loaded

Two 2x6 shorty SLA Pro's
One T39, 16", 3012LF loaded
Tall AutoTuba, 20" wide, 2x 8" MCM 55-2421
TruckTuba, 8½" wide, 2x 8" MCM 55-2421

tallevan
Posts: 91
Joined: Sun Oct 20, 2019 12:15 pm
Location: London, England

Re: Are any of you guys tech savvy? Need VPN help.

#7 Post by tallevan »

I like to keep my network components discreet, so I wouldn't over-task the wee pi.
If the pi or the DNS sinkhole fails, the network fails over to a public DNS server immediately. Other than the sudden appearance of ads it would continue to operate normally.
My pi is an old one, low-spec with a 100Mb network interface. Perfectly adequate for a pihole by itself.

But others have done what you propose. Have a look here: https://www.scaleway.com/en/docs/tutorials/pihole-vpn/

User avatar
Seth
Posts: 2730
Joined: Thu Sep 10, 2009 8:06 pm
Location: Sacramento, California, USA
Contact:

Re: Are any of you guys tech savvy? Need VPN help.

#8 Post by Seth »

It's pages like that (there are many) that put the idea in my head to begin with. The latest Pi's have more than enough memory and computing power to handle these two tasks. Even if running everything through the VPN was too much, it can be configured to just run the DNS inquiries through the VPN (and Pihole), which would be miniscule compared to streaming 4K video through it.

In efforts to figure it out, I've done several attempts beginning with a clean OS flash/install and run just the VPN software without Pihole. Still no love. I even tried it several times on a VM and tried to connect devices to that. Still nothing. I was initially thinking it had something to do with my internet connection and being on a public access point. But, I'd think a VM wouldn't have that issue. So, I'm now thinking that there's just a little thing I'm overlooking.

The best result I've seen is a client device saying it didn't connect due to improper validation with the host... or something to that effect.

Here's the load the Pihole puts on the Pi4 resources, nearly nothing.
Screenshot (171).png
Screenshot (171).png (7.62 KiB) Viewed 723 times
I don't know if there's any benefit to running the 2 services on discreet devices, other than a cool factor that only geeks and nerds would appreciate. Which , I must say, is slightly appealing.
Build in process - 2 WH6, one Alpha 6a loaded, one PRV Audio 6MB250-NDY loaded

Two 2x6 shorty SLA Pro's
One T39, 16", 3012LF loaded
Tall AutoTuba, 20" wide, 2x 8" MCM 55-2421
TruckTuba, 8½" wide, 2x 8" MCM 55-2421

User avatar
Chris_Allen
Posts: 3355
Joined: Wed Jul 11, 2007 2:43 pm
Location: Huddersfield, UK

Re: Are any of you guys tech savvy? Need VPN help.

#9 Post by Chris_Allen »

VPN is essentially a tunnel and you want all the traffic from your home network to enter that tunnel, come out the other side at the VPN server and then start their journey across the internet.

For that to happen, traffic has to go to the front of the tunnel first. I would change one of your devices to define the Pi as the default gateway to do the IP routing to the Internet and then try and validate that your VPN is working as expected.
Built:
6xDR200, 2xT39, 2xT48, 2xJack110, 1xOmni10.5, 1xAutotuba, 1xT18, 1xSLA Pro, 1xW8, 1xW10

Post Reply