Easiest free home VPN options?
March 4, 2015 2:55 PM   Subscribe

I use some services that only work when I am on to my home network connecting through my internet provider's router. I'd like to use this service when I am elsewhere. I'd like to set up a VPN so I could appear to be home when I am elsewhere.

I've looked into this before and found it confusing and complicated. Is there a simple, free home VPN option that would do what I need? It doesn't have to be too simple, I do have a lot of computer experience, but I haven't been able to figure this one out.
posted by Drinky Die to Computers & Internet (6 answers total) 3 users marked this as a favorite
 
i have something like this working. it's not simple, but it is free. my recipe is a powerful home router, flashed with custom firmware that includes an OpenVPN server. this also has the advantage of keeping me free of stock router firmware; the stuff from the manufacturers is horrible in many ways.

i use the "shibby" flavor of the tomato firmware running on an ASUS router. there are two big hurdles... choosing and installing the right firmware, and then configuring OpenVPN to let clients out on the internet connect to OpenVPN.

this second part is particularly hairy, because internet security is inherently complex (e.g. generating key file pairs in the right format). when i set mine up, it took a whole weekend of sifting through online tutorials. but now it works and i don't have to pay for it. setting up your OpenVPN clients is another big headache.

i would guess that someone (eero?) is going to release something more friendly. but VPNs are always going to be a niche service. if you find a simple turnkey solution, i'd wager that it will be expensive. Cloak looks promising, but they charge a subscription fee and are apple only(!) for now.
posted by bruceo at 3:26 PM on March 4, 2015 [1 favorite]


depending on the home machine you want to connect to. with windows 7/8 pro series you could extend the rdp port from the gateway device, and have some sort of dynamic update dns to follow it.

with macs they also have remote desktop, and for linux I would just say ssh.

even simpler are software like gotomypc that encapsulate all thw configuration and setup in a product.
posted by nickggully at 3:41 PM on March 4, 2015


Run an ssh server on your home computer, connect to it with
ssh -D 7777 homecomputer
and set your network connection to use localhost:7777 as a SOCKS proxy.
posted by Phssthpok at 4:19 PM on March 4, 2015 [1 favorite]


If you do run a world-visible SSH server, make sure your passwords are up to snuff. You will be hammered with brute force attacks 24/7. There's a lot you can do to mitigate this, including non-standard listen ports, fail2ban, and certificate-only logins, if you want to do some studying (you should).
posted by ryanrs at 7:47 PM on March 4, 2015 [2 favorites]


Is there any chance you can set those services to respond only to a third IP address, then use that as a VPN from both home and work? Setting up a VPN on an Amazon EC2 instance isn't that hard, and lets them do the security. (Or a paid VPN, I guess, but Amazon is free for a year)
posted by ctmf at 9:01 PM on March 4, 2015


OpenVPN is a pain in the ass, but if you are comfortable hacking computer configs you can get it working. I did what bruceo suggested; run the OpenVPN server on my router (also Tomato/Shibby, but DD-WRT and friends will work). My clients are Tunnelblick on Mac and Windowss and OpenVPN Connect on iOS. The hard part there is creating the OVPN config files for the clients. There's a tool called easy-rsa that generates them for you but it's awfully manual. Here are my detailed notes on how I set it up.

You may decide it's worth a few bucks a month to pay a VPN service to do this for you. I like Cloak. The drawback there is you won't appear to be at home, but rather some random IP address. Worse the Cloak endpoints are often on hosts that are blocked for being spammy; Yelp for instance froze me out.

There's also a lot of half-solutions using ssh, particularly if you are only worried about web traffic. sshuttle is worth a look, it's a Linux/Mac tool that simulates most of a VPN over an ssh link. It's not as good as OpenVPN but is a lot easier to set up.
posted by Nelson at 11:31 AM on March 5, 2015


« Older My cat is getting spay surgery! Help!!   |   Relationship anxiety went from non-existent to... Newer »
This thread is closed to new comments.