Hi Garry,
I'm looking into installing a couple of VPNs for our local church and wanted to try out using a VPN on my home network (before doing it at the church) as this is a new area of networking for me.
I know it's a long time since you posted on this topic - but do you still recommend PiVPN ??
I just want to try things out before suggesting the church purchase a monthly subscription.
Kind regards from David.
To be honest Dave I have not done anything for quite a while with PiVPN.
I did, however, try it on a local Pi when I first heard of it and it worked well.
Bear in mind the warnings about VPN usage, which a lot of people have posted here.
I didn't know it required a subscription!!!!
Garry
It doesn't need a subscription - but the commercial versions do.
It does not give one a good feeling to see on their home page that one should install the latest Jessie image to the Pi.
I wrote a blog about how to install OpenVPN from scratch on a Pi. I updated it for Stretch but haven't updated it for Buster yet, though I would be surprised if there were any major differences.
http://blog.clanlaw.org.uk/2016/07/30/A-complete-vpn-server-for-under-20-ukp.html
I'm reading on Github they had some problems with Raspbian buster, but for two days it's supposedly supported by merging support into the master branch: https://github.com/pivpn/pivpn/issues/775
There are open bugs on raspbian buster, but it's needing more information from the one reporting as it appears the new fix isn't tested there yet
Nice write up Colin.
One point to note that we do with most of our installs - change the default port to 443 (unless you have a need for that incoming on your firewall) - we find that a LOT of locations now block VPN ports (airport lounges, hotels etc etc) and by usng TCP 443 a much higher percentage of users are able to connect without us needing to get involved)
Craig
Interestingly I have not once had that problem. However you make a good point, I have made a note to add how to use a non-standard port when I update it for Buster.
Yes, it is very common for corporate networks to block most ports. Sensible from a security perspective though annoying for power users.
Many corporate/public-sector networks will also have smart filtering systems enabled which assess risk for new connections dynamically. So you can occasionally find that you can connect the first time to something and then not connect a second.
Of course, if the network traffic is legitimate corporate traffic, you should contact your IT department and get them to enable the address/port for you. Some will and some will ask for firstborn children before they will consider any changes 
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarksā¢ or registeredĀ® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy