Why a Second VPN?
My primary VPN runs on my router using UDP, which is fast but not always reliable on restrictive networks. This Pi-based OpenVPN setup acts as a fallback that always works.
Self-Signed Certificates
The Pi acts as its own certificate authority, generating and signing certificates for both server and clients. This keeps everything fully under my control without relying on third parties.
TCP Over Port 443
Running OpenVPN over TCP on port 443 makes the traffic look like standard HTTPS, allowing it to pass through networks that block typical VPN traffic.
The Tradeoff
It’s slower than UDP due to added overhead, but reliability matters more when you need access.
Unlocking the Rest of the System
This VPN provides secure access to everything else running on the Pi:
• Jellyfin media streaming
• Network file shares
• Network-wide ad blocking
Built on the Pi
This is just one piece of the full setup: See the Raspberry Pi foundation