Virtual Private Network for Multiple Platforms – Part 1

For smart home servers or a local deep learning server, you may want to keep them inside a private or local network for security reasons. To access those servers from outside, it's necessary to set up a virtual private network (VPN).

Assume that we have 3 nodes:

  1. Server node (servernode, it has a public IP address, and its VPN IP will be 10.0.0.1)
  2. Deep Learning node (odroidnode, VPN IP address will be 10.0.0.2)
  3. Mobile node (androidnode, VPN IP address will be 10.0.0.3)

We want to connect from (3) to (2) through (1) via a VPN called facebit_vpn.

Red text marks values you need to update to match your config.

Step 1: Set up the server node

Download and install tinc

Configure the server node (name is servernode)

Now generate the public/private keypair for this host with the following command:

This command will create the private key here:

Create script to run tinc

Create script to stop tinc

Make those scripts executable:

Step 2: Set up other nodes

First, we need to install tinc

We will set up the Deep Learning node, called odroidnode

Create the folders (the netname here is facebit_vpn) and the hosts folder, and then create tinc.conf

 

The next step is to generate a keypair for each client, by doing:

Then edit the hosts config, adding the Subnet address on top

 

Create script to run tinc

Create script to stop tinc

Make those scripts executable:

Step 3: Exchanging public keys between nodes

Send the public key from odroidnode to servernode via scp

From servernode to odroidnode, we don't have a public IP for odroidnode, so we should request the key from odroidnode:

Step 4: Testing

Start the daemon on servernode first with the debug option

Then start the daemon on each node. You should be able to ping between them or see the connection log.

Press Ctrl + \ to send the quit signal to the daemon.
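
The per-node files that Steps 1 to 3 put in place, written by a small script with a check on key handling; this is an added example, not the original post's commands. It assumes tinc 1.0's standard layout (BASE is /etc/tinc on a real host), a tun0 interface, /32 subnets inside a /24, and that the run and stop scripts are tinc-up and tinc-down; 203.0.113.10 is a placeholder public address.

```shell
#!/bin/sh
# Added example: lay out the tinc 1.0 files for one node of facebit_vpn.
# write_tinc_node BASE NAME VPN_IP [CONNECT_TO] [PUBLIC_ADDRESS]
#   e.g. write_tinc_node /etc/tinc servernode 10.0.0.1 "" 203.0.113.10
#        write_tinc_node /etc/tinc odroidnode 10.0.0.2 servernode
write_tinc_node() {
    net="$1/facebit_vpn"; name=$2; vpn_ip=$3; connect_to=${4:-}; public_addr=${5:-}
    mkdir -p "$net/hosts"

    # tinc.conf: this node's name and, for clients, the node to dial.
    {
        echo "Name = $name"
        echo "AddressFamily = ipv4"
        echo "Interface = tun0"
        if [ -n "$connect_to" ]; then echo "ConnectTo = $connect_to"; fi
    } > "$net/tinc.conf"

    # hosts/NAME: the only file shared with peers. Address is set only on the
    # node with a public IP; "tincd -n facebit_vpn -K" appends the public key.
    {
        if [ -n "$public_addr" ]; then echo "Address = $public_addr"; fi
        echo "Subnet = $vpn_ip/32"
    } > "$net/hosts/$name"

    # tinc-up / tinc-down run when the daemon brings the interface up or down.
    printf '#!/bin/sh\nip addr add %s/24 dev "$INTERFACE"\nip link set "$INTERFACE" up\n' \
        "$vpn_ip" > "$net/tinc-up"
    printf '#!/bin/sh\nip link set "$INTERFACE" down\n' > "$net/tinc-down"
    chmod 755 "$net/tinc-up" "$net/tinc-down"
}

# Returns 0 only if no hosts/ file holds a private key and rsa_key.priv,
# when present, is readable by its owner alone.
check_tinc_keys() {
    net="$1/facebit_vpn"
    if grep -rl "PRIVATE KEY" "$net/hosts" >/dev/null 2>&1; then return 1; fi
    [ -f "$net/rsa_key.priv" ] || return 0
    case "$(ls -l "$net/rsa_key.priv")" in
        -rw-------*|-r--------*) return 0 ;;
        *) return 1 ;;
    esac
}
```

Run check_tinc_keys on each node before copying anything in Step 3: only files under hosts/ should leave the machine.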

Step 5: Load VPN on boot

For Ubuntu

Creating nets.boot:

Then start it

 

For Raspbian:

nets.boot won't work. We need to create a service that runs under systemd

And input:

The most important parameters are the path to tincd and the working directory.

 

Notice: servernode must be started first!

Congrats, now we have a working VPN between 2 nodes.

Please see Virtual Private Network for Multiple Platforms – Part 2 for Android configuration.