How to create a VPN

Who I am
Judit Llordes
Author and references

Preliminary operation

The operation of creating a VPN, in itself, is really simple: all you have to do is make a couple of clicks or issue some commands from the Terminal. What can take a while, however, is the steps you need to take to get your computer and your network ready to host a VPN.

First you need to sign up for a dynamic DNS service, after which a static IP address on the computer that is to host the VPN. Finally, you have to open the NAT ports of the router, in order to allow access from the outside. Are you already afraid of being "lost" among all these technicalities? Don't worry, in the following paragraphs I will provide you with all the instructions you need to succeed in the enterprise.

Configure dynamic DNS

Before getting to the heart of the matter and configuring your operating system to "host" a VPN, I recommend that you sign up for a service Dynamic DNS. Haven't you ever heard of it? Don't worry, I'll briefly explain what it is: as I have already explained to you in my tutorial on how to find out and view what your IP address is, each connected device is reachable on the Internet via a numerical (or numerical and literal) sequence called , in fact, IP address.

In most cases, ISPs assign their customers a dynamic IP address, ie an IP that changes every time the modem disconnects and reconnects to the Internet: this could be a “problem”, since it is not possible to know in advance the next dynamic IP assigned. Consequently, in case you want to connect to your homemade VPN, you need to get the IP address of your router in advance, which however could change at any time.

This problem can be solved with the services of Dynamic DNS, ie platforms that offer the possibility of associating a string of characters (eg. to your IP address, which can be easily stored, and which can be automatically "updated" over time: in this way, to to reach your VPN, you will simply have to memorize its literal address, without worrying about the numeric IP instead.

One of the best dynamic DNS services is definitely which, in addition to being completely free, offers programs for Windows, macOS and Linux platforms that can re-associate the IP address of the computer to the “literal” address in a completely automatic way. To register at, connect to this Internet page and enter your address in the fields provided e-mail, a Password it's a hostname hostname: the latter, in particular, is the one you need to memorize to connect to your VPN (eg. If you want to change the "final" part of the hostname, you can change the drop-down menu immediately next to the entry box.

Once you have filled in all the required fields, remove the check mark from the box Send me newsletters & special offers, pigia sul pulsating Free Sign Up and click on the button Confirm address present in the confirmation email that is automatically sent to your inbox.

Once registered for the service, you must download the program that allows you to "associate" your IP address with the chosen hostname: to do so, connected to this Web page, press the button Download Now and wait for the file to download to your computer.

These poisons are Windows, start the aforementioned file, then press the buttons I AgreeInstall and Finish, enter yours in the program screen username and yours Password and click on the button Sign In. If necessary, check the box relating to the newly created hostname, located in the new panel, click on the button Save and wait for the three green check marks to appear in the main program window. If you want, you can minimize the program by clicking on located at the top right.

If, on the other hand, you intend to set up your VPN on Linux, you will have to act almost completely from the command line. Open the terminal recalling it from main menu of your distribution or from Activity view, type the command cd ~ / Downloads I awarded Submit, repeat the operation for the commands tar -xfvz noip-duc-linux.tar.gz and then type cd noip-2.1.9-1 /, then type the command sudo apt install make gcc, Followed by Submit.

Once this is done, start the compilation and configuration procedure by issuing the command make && sudo make install: when prompted, type the Linux administrative password and piggy Submit, then type thee-mail login to no-ip always followed by Submit, then type the relative Password and piggy five times Enteruntil the text appears mv /tmp/no-ip2.conf /usr/local/etc/no-ip2.conf.

Although the previous operation must be performed only once, you must manually start the no-ip client every time you intend to use your VPN: you can do it very easily, always from the terminal, by typing the command sudo noip2 followed by Submit.

Assign a static local IP

Once the hostname is associated with the IP address, there is a need for assign a local IP address static to the computer on which you intend to create your VPN. The easiest way to do this is through the router: in general, what you need to do is first connect the computer to the network, then enter the router, access the section LAN settings devices, select the option for Booking addresses or atadded DHCP association (alternatively, you can place a check mark on the item relating to the assignment of a fixed IP), type the address to assign to the computer (eg. and save the changes.

Unfortunately, I can't be more specific about assigning static IP addresses, as each router has slightly different options. In principle, however, you should be able to achieve the purpose using the instructions I have already given you: in the unfortunate case you do not succeed, I recommend that you refer to my guide on how to assign static IP to get more information about it.

Open the NAT in the router

The last thing to do, before moving on to the actual configuration of the VPN on your computer, is to open the NAT in the router, that is to make the listening ports associated with the VPN service accessible from the outside.

To do this, log in to your router (you can follow my dedicated guide to find out how to proceed), go to the section relating to port ForwardingVirtual Server, insert where required thelocal IP address server (the static local IP address of the computer you set in the previous section), the door to open and protocol. As for the VPN, you have to open the ports 47 1723 with protocols TCP e UDP.

If the instructions I gave you were not enough and you could not find the section that allows you to open the ports on your router, I invite you to consult my guide on how to open the NAT to get the exact sequence of steps to be applied to achieve the goal.

How to create a VPN on Windows

Now that you've finally got everything in place, it's time to take action and create a VPN on Windows. As I already mentioned to you, the PPTP protocol: although it is not easy to exploit the vulnerabilities, I remind you once again that it is quite a protocol obsolete, therefore I advise you to use the VPN thus created aware of the possible risks. Also, keep in mind that such a VPN server can accept at most one customer at a time.

Having said that, it's time to take action: start the Control Panel looking for it in the menu Home (Accessibile proceeds il pulsado a forma di pennant located in the lower left corner of the screen), click on the item Rete and Internet, then on the voice network and sharing center and, from the left side of the window, select the item again Modify impostazioni scheda.

Once this is done, press the button Other on the keyboard to display the menu bar, select the menu File> New Inbound Connection ..., select the computer users authorized to access it, by placing the check mark on the corresponding boxes, and presses the button NEXT. If necessary, you can create new ones by pressing the button Add user ... and filling out the proposed form.

In the next panel, put the check mark in the box Through the Internet, click here NEXT, tick the boxes Internet Protocol Version 4, File and printer sharing for Microsoft networksQoS Packet Scheduler, then select the item Internet Protocol versione 4 e pulsing sul pulsating Property.

At this point, put the check mark on the box Specify IP addresses and enter in the appropriate fields the starting IP address and the final IP address to be assigned to the devices that will connect to the VPN. For example, if you intend to reserve more than 50 IP addresses (well aware of the fact that, as I explained earlier, you can only use two at the same time), you can use as a starting address e as the final IP address.

Adesso, click on the button OK and, once back in the main window, on the button Allow access. Then wait for the message that the VPN has been created and click on the button Close.

You can check the number of devices connected to your VPN using the icon Inbound connections, collocata anch'essa in Control Panel> Network and Internet> Network and Connection Sharing Center> Change adapter settings. To delete the VPN, right click on the icon instead Inbound connections, select the voice Delete from the proposed menu and presses the button Yes.

How to create a VPN on Linux

Also regarding Linux, the procedure I'm about to walk you through is about creating a protocol-based VPN PPTP: I want to remind you, once again, that this is a fairly old protocol. although not very easy to violate.

Aware of this detail, the time has come to take action: first, start the terminal, then type the command sudo apt install pptpd followed by Submit and, when prompted, enter your administrative password followed once again by Enter; if necessary, press the Enter key again to start the installation.

Once the process is complete, what you have to do is declare to the VPN server the IP address of the computer (the one you will connect to) and the IP address space to be assigned to the "guest" devices. To proceed, type the command from the terminal sudo gedit /etc/pptpd.conf, scroll to the end of the text, go to the top by pressing Enter and insert the following in the file.
Of course, you have to substitute for the IP address at localip the one you assigned to the computer acting as the VPN server, and to the set of addresses corresponding to remoteip the ones that your computer has to assign to the "guests" of the VPN. Once the changes are complete, press the button Save located at the top right and close Gedit.

At this point, you need to tell the VPN server which address to use to "convert" the literal addresses into IP (usually the router takes care of this task): to proceed, again from the terminal, type the command sudo gedit / etc / ppp / pptpd-options followed by Enter, if required enter the administrative password, go to the bottom of the file, go to the end of the line by pressing the key Submit and type the following.
man 1490
mru 1490
Substitute your router's IP for the IP address corresponding to ms-dns: if you don't know it, you can retrieve it using the instructions I gave you in this guide. After completing the necessary changes, press the button Save to confirm them, then close Gedit.

The last necessary step is to configure the user who can access the VPN, "declaring" the username and password to be dedicated to it: to proceed, type the command from the terminal sudo gedit / etc / ppp / chap-secrets followed by Submit and enter your administrative password if necessary.

Make sure you are alone (as passwords are shown in clear text), then type the username to access the VPN, press the button TAB on the keyboard (the one usually placed on the Shift key), enter a * (asterisk), press the key again TAB, type the Password, press the button again TAB and enter another *. Once this procedure is complete, press the button Save, close gedit, type the command from the terminal sudo systemctl pptpd restart and finally, the command sudo sysctl -p: your VPN is finally ready! You can turn it off at any time by typing the command sudo systemctl pptpd stop.

How to connect to a VPN

The time has come to enjoy the result of so much effort and connect to the VPN you just created! Don't worry, the procedure is absolutely simple: all you need to have at hand to make the connection is thehostname of your server (the one created through the service no-ip), the username and Password to access the VPN. Once you have written down the information, you can connect to your computer using one of the procedures that I indicate below.

  • Windows 10 - access the notification area by clicking on the button in the shape of comic placed at the bottom right, presses the switch VPN and then on the voice Add VPN connection placed in the new panel that appears on the screen. Select the item Windows give menu to tendin VPN provider, type the name of the connection in the appropriate field, enter thehostname of your server in the field Server name or address, select the voice PPTP (Point to Point Tunneling Protocol) give menu to tendin Type of VPN, scegli l'opzione Username and password from the menu Type of login info and finally, enter the credentials to access the VPN in the appropriate fields and press the button Save. Once back in the panel Settings, click on the VPN icon you just created and then on the button Connect.
  • Windows 7, 8.1 - Open the Control Panel from the menu Home, click on the items Network and Internet, Network and Sharing Center Set up a new connection or network. From the panel that opens, select the item Connect to a corporate network, then click on the item Use existing internet connection (VPN), enter in the field Web address lo hostname of your server, presses the button NEXT, type the username and password where required and then press the button Connect.
  • MacOS - the system preferences manager, for security reasons, does not support connectivity via the PPTP protocol. If you wish to do this anyway, you can make use of a third party program, such Shimo: connect to its main Internet page to download it, start the setup file, drag the Shimo icon into the folder Applications of your macOS and open the program from the aforementioned folder, right-clicking on its icon, selecting the item apri from the proposed panel and clicking on the button again apri. At this point, click on the new icon appeared in the system panel, select the item Preferences from the proposed menu, then click on the button Showcase located at the top, then on the button capacitor positive (+) lead located at the bottom, set the check mark in the box PPTP / L2TP, click here Create, enter the hostname, username and password of your VPN server where requested and press the button again Create. You can connect and disconnect from the VPN using the icon in the system panel.
  • Android - click on the icon Settings placed in the app list of your device, then on the item Other present in the box Wireless and ret and, finally, on the option VPN. At this point, touch the button capacitor positive (+) lead located at the top right, type a name for your connection, select the item PPTP give menu to tendin Type and type in the field Server address your VPN hostname. If necessary, you may be prompted to set up a PIN, password, fingerprint, or unlock pattern for storing credentials. You can connect by simply tapping the name of your VPN and entering, when requested, the access credentials; you can disconnect from the VPN using the system notification area.
  • iOS - unfortunately, as already seen for macOS, the operating systems for iPhone and iPad no longer have support for configuring VPN with PPTP protocol, due to the obsolescence of the latter: consequently, it is not possible to connect to such a VPN.

Best VPNs

If you've made it this far, I'm sure you've mastered everything about building a VPN. Wait, are you telling me that you find it all too complex and that, alternatively, have you thought about relying on an "external" VPN service? Then I suggest you try the ones given below.


The first service I want to tell you about is NordVPN. Thanks to its advanced encryption system, which hides the activities related to online browsing from those outside (be it the Internet provider, a potential attacker or the NordVPN operators themselves, who do not record anything of what users have done) and its ease of use, NordVPN is one of the most used VPN services in the world.

It can count on a wide range of servers located in various corners of the globe and is available on all the most popular hardware and software platforms. The many servers available, some of which are dedicated to exchanging files on networks P2P (eg. BitTorrent) and surfing the net Tor (Onion protocol), allow to overcome the regional restrictions of all countries and to access foreign catalogs of streaming services. There are also some that can provide a static IP.

Another point in favor of NordVPN is its compatibility with all major hardware and software platforms: NordVPN is in fact available on computer (Windows, MacOS e Linux), mobile devices (Android and iPhone / iPad), Smart TV Android TV, NAS, Raspberry Pi, router and more.

As for prices, the service offers several plans: the most convenient one allows you to use NordVPN for 2 or 3 anni in base alle promo in corso less than 3 euros / month (billed annually); alternatively you can use the service for 2 years to 2,97 euros / month (billed annually), for 1 year at 3,93 euros / month (billed annually) or per 1 month at 9,56 euros. During promotional periods, extras can also be included in the price (eg password manager North Pass, worth $ 194.61). It should be noted that all plans allow the use of NordVPN on up to 6 devices at the same time and come with a 30-day money back guarantee.

That said, let's take action. To start using NordVPN, connect to the official website of the service, choose the plan to subscribe and create your account following the instructions on the screen (the most varied payment methods accepted are: card, PayPal, Apple Pay, Google Pay, Cryptocurrencies , Alipay etc.).

Once registered and logged in, if you want to use NordVPN on your PC, download the official client of the service and install it. Up Windows, then open the .exe file che hai ottenuto, click on the button Yes, wait for all the files necessary for the program to function correctly to be downloaded from the Internet and click Next, install e Finish. On Macinstead, go directly to the Mac App Store.

To install NordVPN on a smartphone or tablet, the procedure is even simpler: open the store of your device (eg. Play Store on Android or App Store on iPhone / iPad), search NordVPN inside the latter and first tap onicona dell'applicazione (in the search results) and then on the button Installa / Ottieni. On iPhone / iPad you may be prompted to verify your identity via Face ID, Touch ID or Apple ID password.

Now you just have to start NordVPN on your favorite device, do the Log In with your account details and select the VPN server to connect to - you can choose one nationality, a Specialty server (i.e. one of the servers optimized for P2P, browsing via protocol Onion or with navigation through Dedicated IP) or you can take advantage of the search, to find a VPN server quickly.

Once the connection is established, you can use your favorite shows as normal to browse online, taking advantage of NordVPN's protection. At the end of the session, to disconnect from the VPN, open NordVPN and click on the button Disconnect. For more information, read my NordVPN review - I'm sure it will come in handy.


Surfshark is another VPN service that manages to combine security, ease of use and flexibility at extremely low prices. Thanks to its advanced 256-bit encryption and the many servers it offers (scattered in every corner of the world), Surfshark allows you to browse without limits, protecting your identity and protecting your privacy as much as possible.

This means that neither attackers nor ISPs, and even Surfshark managers themselves, will be able to control your online activities. You can also effectively protect yourself against hacking of public Wi-Fi networks, phishing activities (with the CleanWeb, which allows you to protect yourself from malware, phishing and other harmful / annoying content on the Internet) and you can both bypass censorship and regional restrictions, for example by accessing foreign catalogs of streaming services. You can even create a list of programs and sites that should not use the VPN (function Whitelister) and set a Kill Switch to automatically disable your Internet connection if you disconnect from the VPN.

Surfshark is very easy to use and is available on the vast majority of devices and operating systems: Windows PC, Mac and Linux computer (there is also a Surfshark extension for Chrome and Firefox), Android devices, iPhone / iPad) and Fire TV Stick (via the official Surfshark app). Furthermore, thanks to its smart DNS, Surfshark is also available on those devices that would not normally allow the use of a VPN, such as Smart TV, Apple TV, PlayStation e Xbox.

The prices are extremely low: the most convenient plan is that of 36 months which costs 1,69 euros / month (billed every 36 months); as an alternative there is the plan from 12 months which costs 3,49 euros / month (with annual billing) and the plan from 1 month which costs 9,89 euros.

To start using Surfshark on your PC, all you have to do is visit the official website of the service and click on the button Buy it now. Then choose the piano you prefer and provide us with a valid payment method between credit card, PayPal, Google Pay, Amazon Pay, Cryptocurrency etc. then completing the transaction using the instructions on the screen.

Once the service is activated, all you have to do is install the Surfshark client for Windows or macOS and / or the Surfshark apps for Android or iOS / iPadOS and press the button to start the free trial or enter i login data to log in with your account.

The game is done! To protect your connection, all you have to do is start Surfshark on the device of your interest and press the button Connect, to connect to the fastest and / or nearest VPN server. Alternatively, go to the section Positions and choose one of the many servers available (based on geographic location or characteristics, eg. Static IP).

Within seconds, your connection will be secure and you will be able to browse securely and anonymously online. More info here.

Article produced in collaboration with NordVPN.

How to create a VPN

Audio Video How to create a VPN
add a comment of How to create a VPN
Comment sent successfully! We will review it in the next few hours.