The problem with most VPN services is that the client software has to be installed on every device individually, and for some devices it might not be available at all (e.g. if you want to use a VPN service on your PS4). This is where a VPN router/wifi access point based on a Raspberry Pi comes into play. You connect to the Pi like you would to your regular router, and all your traffic is channeled through the VPN tunnel.

Prerequisites

  • Raspberry Pi (preferably a 3; older versions work as well, but then you need an additional wifi adapter)
  • A regular ethernet cable

Setting it up is pretty simple: connect the Raspberry Pi to your regular router using the ethernet cable. That’s it.

Setting up the access point

First, we will set up the access point. To do this we will assign the Raspberry Pi a static IP (here: 192.168.7.1). Edit the /etc/network/interfaces file:

# interfaces(5) file used by ifup(8) and ifdown(8)

# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d


#allow-hotplug wlan1
#iface wlan1 inet dhcp
#wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
#iface default inet dhcp

auto eth0
allow-hotplug eth0
iface eth0 inet dhcp


iface wlan0 inet static
address 192.168.7.1
netmask 255.255.255.0

Now, we will define the access point. First, install hostapd:

sudo apt-get install hostapd

Edit the file /etc/hostapd/hostapd.conf and add your desired SSID and passphrase:

interface=wlan0
driver=nl80211
ssid=YourSSID
channel=9
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=yourPassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

Lastly, we need to set up DNS and DHCP for the connected devices. Install dnsmasq:

sudo apt-get install dnsmasq

In this case, IP addresses ranging from 192.168.7.5 to 192.168.7.254 can be assigned to connected devices. Edit /etc/dnsmasq.conf:

domain-needed
interface=wlan0
dhcp-range=192.168.7.5,192.168.7.254,255.255.255.0,12h
dhcp-option=252,"\n"

To finish setting up the access point, just start the services:

sudo service hostapd start
sudo service dnsmasq start 

Now try connecting to the access point and check if everything works as expected.

Setting up the VPN router

The next part is based on this tutorial on GitHub.

First, set up the VPN on the Raspberry Pi. There are a lot of different VPN providers that provide support for the Raspberry Pi. I am using Cyberhost. You can find the tutorial for setting it up here.

After starting the VPN service, we enable IP forwarding:

echo -e '\n#Enable IP Routing\nnet.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

Route the traffic through the VPN. The clients are connected to the access point on wlan0, so the forwarding rules go between wlan0 and tun0:

sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT

Save the changes:

sudo apt-get install iptables-persistent

Select yes when you are asked if you want to save the current rules. You can also save the rules at a later stage:

sudo netfilter-persistent save

Load the changes at startup:

sudo systemctl enable netfilter-persistent
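
To check the result, here is an added example (not part of the original tutorial): a function that reads an iptables-save dump and reports anything that would keep client traffic from going out through the tunnel, or let it leave another way. It assumes the clients arrive on wlan0 and the tunnel is tun0, passed as arguments; the function name and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump read from stdin.
# Usage on the Pi: sudo iptables-save | audit_vpn_rules wlan0 tun0
# Prints one finding per line; returns 0 only when there are none.
audit_vpn_rules() {
    awk -v lan="$1" -v vpn="$2" '
        function opt(flag,   i) {        # value that follows a flag, or ""
            for (i = 1; i < NF; i++) if ($i == flag) return $(i + 1)
            return ""
        }
        /^\*/ { table = substr($1, 2) }  # table header: *filter, *nat, ...
        table == "filter" && $1 == ":FORWARD" { policy = $2 }
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" &&
            opt("-j") == "MASQUERADE" && opt("-o") == vpn { nat = 1 }
        table == "filter" && $1 == "-A" && $2 == "FORWARD" && opt("-j") == "ACCEPT" {
            src = opt("-i"); dst = opt("-o")
            if (src == lan && dst == vpn) out = 1
            if (src == vpn && dst == lan) back = 1
            # Client traffic explicitly allowed out of a non-tunnel interface.
            if (src == lan && dst != vpn) bypass = bypass " " (dst == "" ? "any" : dst)
        }
        END {
            if (policy == "") policy = "unknown"
            if (!nat)  { print "no MASQUERADE rule on " vpn; n++ }
            if (!out)  { print "no ACCEPT for " lan " -> " vpn; n++ }
            if (!back) { print "no ACCEPT for " vpn " -> " lan; n++ }
            if (bypass != "") { print lan " may also leave via:" bypass; n++ }
            if (policy != "DROP") {
                print "FORWARD policy is " policy ", unmatched client traffic is still forwarded"
                n++
            }
            exit (n > 0)
        }
    '
}

# Constructed sample dump (not captured from a real device).
SAMPLE_RULES='*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan0 -o tun0 -j ACCEPT
COMMIT
*nat
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT'
printf '%s\n' "$SAMPLE_RULES" | audit_vpn_rules wlan0 tun0 || true
```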

And this is it. Your VPN router/access point is now all set up.