So, it’s always bidirectional? Then I must review my setup the next time I’m up there. I had the impression it was one-way only. If I can reach the client’s network from the server it’s the thing I’m looking for as the client isn’t reachable from the internet…
Yes, by default. OpenVPN is one of those services with a million settings so I’m certain it is possible to configure it so it is one way. And perhaps it is reasonable for some of the gateway/firewall wizards to configure it so that happens. But by default, normally it is bidirectional, though like I said, the IP address will be different.
1 Like
That’s fine, I already configured two separate subnets.
Thanks again, I have to look into this!
Just to make sure, I connected my phone to my OpenVPN over the cellular network and was able to ping it using its OpenVPN IP address from a machine on my LAN. So I’m not just making things up. It is, or at least can be bidirectional.
I have a pfSense firewall and I run OpenVPN on it configured using the wizard and the client configs exported using an addon to pfSense created for that purpose.
Good luck!
1 Like
What’s about Softether VPN, Anyone has been using this OpenVPN alternative, I 've tested it in windows a few days ago it’s fine, I’m not sure about Linux platform.
Reviews, Thanks.
Bit late to the conversation, but I’m using ZeroTier (https://www.zerotier.com/) and it’s been faultless.
You just install and start a daemon on all your hosts, then join them to your network on the ZeroTier web UI (ZeroTier Central).
What you get is a secured VPN network between all your hosts. Assuming each host has Internet access and the daemon is running (mine all start on boot), your other hosts will be accessible. Absolutely hassle free.
It uses efficient routing so two node on the same physical network route directly, whereas my laptop on some WiFi connection elsewhere will route (encrypted) via their servers.
They support both IPv4 and IPv6 and appear to have an android app, though I haven’t used it.
Have I sold it enough? 
2 Likes
Phones? Mac and Linux support?
I use it on two raspbian nodes and my Arch Linux laptop with no issues.
They have Android and iOS apps with good reviews, and Windows and Mac apps, but I can’t verify those.
Hi all, quite an old thread, but would anyone have strong reasons against installing http://www.pivpn.io on the same Raspberry Pi as openhab?
Thanks a lot!
What router do you have? Back in the days (hey I’m only 34 lol) I had to run my own VPN server but with new routers, most of the modern ones come equipped with a VPN solution.
I do it like this on a fritzbox. AVM has it´s own free dyn-dns service called myfritz, so you dont have to pay one else or verify the account every few weeks.
Of course you only can use it if you use a fritzbox
On my smartphone i use vpncilla in a free-version and on my “company-laptop”(no idea if thats the word for Firmen-Laptop) also free-version of shrew. It works now for some years without any problems
I loved to use that one, however since changing to a faster internet-provider I can’t use it anymore. The company is providing an “DualStack Lite” connection (own IPv6 and IP4 adress only outgoing, incoming !Pv6 and for IP4 a shared adress). Sadly I’m using the same provider for my moblie, but for mobile connections this company does NOT use IPv6, so a connection via IPv6 only is not possible.
Still looking for a secure solution which enables to connect from my mobile to the home LAN.
I have a pfSense box from Netgate. It makes the setup really simple, although there is no reason you could not install the same software on your own hardware.
The pfsense box runs openvpn. I have openvpn clients for Windows, OSX, and Android. (No iOS here, so I don’t know how it works.) You start the vpn client on your device and it gets secure access to your LAN.
The latest Android can keep the VPN up all the time.
I access my OH via the phone browser from anywhere, easily. I can ssh in and do anything I need to.
Having VPN access to your home network is great.
Same as my Asus router using the merlin firmware, but I guess even the official Asus firmware has openVpn by default. I’m connected to my home vpn basically 24/7
This Might be off topic. i want to setup a vpn into my network (openhab network)
i have a regesterd domain that i want to use. as my vpn. have a sub domain for that . can some one point me in the right direction.
PLEASE. I have a raspberry and a laptop(laptop is my openhab server )
Raspberry pi is my node red alarm module.
how secure is it ?
(l2tp & IPsec) preferred if possible ?
PiVPN use OpenVPN and you can set security level up to 521-bit encryption.
I have OpenVPN on my RPi.
If you don’t share the keys it should be save ;-).
I additionally installed Fail2ban to avoid abuse.
If your laptop runs windows you could then use windows RDP very easy.
my laptop runs ubuntu server.