from aprehendedmerlin@lemmy.dbzer0.com to privacy@lemmy.ml on 17 Mar 2025 14:28
https://lemmy.dbzer0.com/post/40181546
Hi guys as title suggests I have a pi 4b 4gb and basically I want to connect it to my isp provided router (wired connection via a lan cable) and run an openvpn config on it and then connect it to an access point that i already have (this one is wired too via a usb to RJ45 adapter and lan cable). I know that I need to flash openwrt image on an sdcard and install it on pi4 but I don’t know how to configure openwrt after that and honestly the guides on the forums and internet are a little confusing (I’m not that tech savy) also I read that not all usb to RJ45 adapters work with openwrt on pi4 but I don’t know which one to buy. can anyone show me a fool proof guide or tell me what I need to do? Edit: thank you all amazing people for your input I found a Google wifi mesh solution second hand (ac-1304 model) that is supported by OpenWRT latest firmware for a good price and I went with that. Gonna find a proper use case for my Raspberry Pi in the future for now gonna keep it as a tinkering device.
threaded - newest
You’re not going to have fun when using OpenVPN. Even Wireguard will be a stretch. The Raspberry Pi does not have any hardware cryptography acceleration built-in and the raw compute power is very limited.
EDIT: Maybe you’re going to have acceptable speeds after all? Take a look at the Raspberry results here: github.com/cyyself/wg-bench?tab=readme-ov-file#te…
You could use Tail Scale. It runs great on a Pi
Can I run OpenVPN configs on it and use it as a roiter
Define great. Tailscale doesn’t even run Wireguard on the kernel level, but in user space.
I already have a pi4B just wanted to find a use case for it. Is it really that bad? so how consumer routers with a fifth computing power run vpns?
Sell it and get something more suited to the task instead of trying to shoehorn it onto a pi.
I think you’re right. I guess I need a wired router that can run OpenVPN on stock firmware or supported by and OpenWRT can be installed on it and has the hardware needed to run OpenVPN clients. The problem is I don’t know what to buy now and honestly where I live there are not many options
With hardware acceleration.
Computing power isn’t just a general quantity. Networking devices have dedicated chips in them to perform various parts of processes. (Encryption, decryption, encoding, decoding, compression, decompression, etc.)
That’s hardware acceleration. There are chips that are super efficient and powerful but they can only do that one thing.
That’s fine if you know exactly what the device is going to be for, so you can put in the exact chips it needs to do only what it needs to do.
Makes sense Well explained thanks. I guess I’ll find a dedicated VPN router
I think GL.inet has tiny ones you can use.
gl.iNet definitely shows your expected VPN speed (OpenVPN and Wireguard) on their product pages, which is great.
Still, if you need gigabit speeds, those devices usually can not provide that.
I checked GL.inet is not available where I live
Ran WireGuard on a Pi1 and it was fine for two users. Albeit WireGuard was the ONLY thing running aside from a Gitlab Runner.
A 4b should be more than enough for many use cases except things that cause torrents of packets - but even then YMMV. It really depends on the workload.
One bit of advice: if you can, use a storage device other than the micro-sd slot for the 4B. Again YMMV.
Just install Raspbian and PiVPN and forward the right ports dude; Less complicated
Thanks but I think you misunderstood. I don’t want to run a VPN server I want to run a openVPN client on a router
Can you just get your own Router and use that instead of the ISP one? Then you can flash whatever firmware you want on it and you can run the openvpn/wireguard client at the router level. You won’t need to combine the Pi with it.
What should I buy that supported by OpenWRT?
I think most consumer routers let you flash firmware. I believe certain Asus ones do, but obviously just validate that before buying it. OpenWRT has a list of supported devices you can check.
I just figured that if you’re doing network stuff then you’d likely want to use something other than the ISP router as those track your activity more (this is a privacy community after all) and lock many features you may need.
I checked OpenWRT table of hardware and there were some Asus and Mikrotik models that are available where I live but I don’t know which one to buy that sufficient hardware for running ovpn clients
Does it need to be openwrt? What about tomato or asus-merlin? I think any of those should work, no?
What are these and how does it change anything?
They’re other popular router firmwares. What do you mean how does that change anything? I’m suggesting them because they may have a wider list of compatible models.
OK I’ll look into them thanks
Mikrotik wont need openwrt unless you are dead set on having an open source OS on your device.
Mikrotik supports all sorts of VPN connections, both client, server, and site to site. You could even get creative and have it for certain services or IP addresses.
If you get one of the more modern devices it will support a pretty chunky VPN as well, mine can get over 600mbps without much hassle.
Thanks. I know routerOS is pretty capable but I’m also aware it’s not noob friendly at all that’s why I want to flash OpenWRT on it. I’m not sure which one to buy, I found RB750GRE hex model for a good price and it’s supported by OpenWrt too but I’m not sure it can handle openvpn or not
They should all be able to run a VPN, its just the speed you’ll get through it that will vary. That particular model is pretty old now I would not get that unless your budget is limited. The refreshed version of that is the E50UG, which is a lot more powerful, but its still a budget device. I have no idea when openwrt will be coming for the refreshed hex, but it should not be that long as other arm devices from mikrotik are supported.
It requires a bit of work to setup routeros but the guides for the common tasks are easy enough to follow. Its only if you want to do something outside of the guides or miss a step that it becomes a PITA if you aren’t familiar with networking.
Yeah I know open-vpn speeds are not gonna be pretty. I’ll try wireguard or AnyConnect configs on it. about the device yeah it’s a few years old but I can’t find new version here. I guess that’s what you expect when living in a third world country
If you can wait I would, the OG hex is pretty damn slow. I have one as a backup router and even then I wouldn’t want to use it long term.
I bought second hand Google mesh solution that is supported by OpenWRT latest release
Nice, sounds a lot better than the Hex
Yes I found it(ac-1304 model) by chance. They have a Quadcore chip and 4GB Flash storage and 1 GB memory
I miss not being a CGNAT user.
You have the pi, give it a go.
If it’s inadequate then i’d recommend a used fanless thin-client type PC, such as a Wyse 5070, just make sure it comes with PSU and a few GB of RAM and SSD. And check reports of how much power it uses at idle.
Thanks I will try running Wireguard on pi4. I never considered tin-clients before. What kind of OS these have? Can they run VPN clients?
Usually they’re normal x86 PCs with nothing unusual about them so just your Linux/BSD distro of choice. You can look up the processor model to see what crypto acceleration it can do, or see if there’s any wireguard benchmarks available.
Some have interesting processors like PowerPC, or other strange hardware, but avoid them unless interesting is what you’re after.
Sounds interesting I’m looking for a good mikrotik router right now. Going to look for these too thanks
This may be helpful if you haven’t found it yet. It has a full list of instructions to flash and configure openwrt on the rpi 4 with wireguard VPN. It says you can also do it with openvpn, but claim the speed was much slower.
instructables.com/Highspeed-VPN-Router-With-Raspb…
Thanks I haven’t seen this guide before. It looks easy enough to follow
Maybe this one ? www.pivpn.io
Thanks but this is VPN server setup not a client
I used RaspAP for the purpose lately, comes with VPN support built in
Thanks This looks like exactly what I need. Installation seems easy enough. How do I configure it afterwards?
It sounds like a fun tinker project, but I don’t think the hardware will perform as well as you hope.
Yeah like know open-vpn not gonna run well on it but wireguard is ok