Create a Full tunnel user in PiVPN
- Part 1: Enable SSH
- Part 2: Install Pi-Hole
- Part 3: Install PiVPN
- Part 4: Create a Full tunnel user in PiVPN
- Part 5: Create a Split-tunnel user in PiVPN
- Part 6: Setup PiVPN Endpoint Device
- Part 7: Remove PiVPN user/client
Typing “pivpn” will show you all of the available options of PiVPN.
Now that PiVPN is running, it’s time to add device profiles to the VPN and grant them the permissions they need to be able to connect.
Ideally you will want to create a new client account for each device that will be connecting remotely to your VPN. This is a best practice, and my recommendation. It gives you the granular control, per device, in case you need to revoke or regenerate a device’s credentials. It’s easier to redo one device then it is to redo every device.
To add your user, type the following command below.
pivpn addThen add the name of your user.
In my example, my user is named “P-W-W-F”
Just like that you’ve added a user to your VPN!
Repeat the above steps as many times as necessary to add profiles for every device that will be connecting to your VPN.
This default setup will create a user with a “full” VPN, meaning that all of their traffic is going to get routed thru the Internet over to your RPi. Your RPi will then determine what traffic is meant for your home network, and anything else will get re-routed back out of your home network to the Internet.
The config can be copied to the home config directory if you choose. This will make it easier if you are going to manually transferring a config file to a device
To copy or backup your configuration files use the following command:
cp /etc/wireguard/configs/P-W-W-F.conf /home/pi/configs/P-W-W-F.conf
Next Article in this series: Part 5: Create a Split-tunnel user in PiVPN