Here at BestVPN we are primarily concerned with reviewing commercial third party VPN services. In this situation, you (the user) connect to a VPN provider’s servers through an encrypted tunnel (which means that no-one, not your ISP or the NSA) can see what passes through that tunnel.
Your internet traffic enters and exits the VPN tunnel through the provider’s server, so the server acts as a proxy masking your ‘real ’IP address. If using a ‘no logs’ and ‘shared IPs’ provider, it is very difficult to trace your internet activity back to you as a person:
User [-> ISP ->] VPN server -> internet (traffic in brackets  is encrypted).
VPN was however originally developed mainly to allow business employees to securely login to their company’s servers when away from the office:
User [-> ISP ->] company server
It is possible to setup a home computer so that it runs much like a business VPN server, allowing you to securely remote login to your home computer, and access the internet through its IP address.
User [-> ISP ->] home computer -> ISP -> internet
Advantages of using private home VPN
- Free – there is no need to pay for a third party VPN service
- Secures your internet connection when using public WiFi hotspots
- Can remotely and securely access content on your computer, and stream movies, music etc. to a remote device
- Home computer acts as a proxy – this is great for accessing geo-restricted web services when away from home, and can be a very effective anti-censorship tool if the user is in a restrictive country and can set up a home server / has friend willing to set up a home server in a less restrictive country. Countries such as China, and geo-restricted services such Hulu, block the IP addresses of well-known VPN providers, but is not an issue if using a private VPN. A private home VPN is also great for circumventing school, collage or work restrictions.
- Home computer acts as a proxy – you access the internet through your home computer’s IP address, so any internet activity can be easily traced to that address. This also means that you cannot just change your apparent location (e.g. to a different country), as you normally can with a commercial VPN provider
- Although the connection between your remote computer and home VPN server is encrypted, your outgoing home internet connection is not. This means that your ISP (and anyone else who is watching) can easily monitor your internet activity
- You will need to keep your home computer on all the time, which is wasteful and will increase your electricity bills.
In short then, setting up a private home VPN server offers many of the advantages of using a commercial VPN service (and is free), but does not provide privacy / anonymity when using the internet.
Setting up a private VPN using Hamachi and Privoxy
Hamachi is software which allows you create virtual networks that operate like regular LANs. It builds a ‘zero-configuration virtual private network’, which means that you do not have to worry about port forwarding or other complex configuration issues (which is definitely a very strong point in its favor). Transferred data is protected using 256-bit AES encryption.
The biggest drawback with Hamachi is that it is proprietary software (i.e. it is not open source), but as we discussed above, private VPN does not provide much privacy anyway, so this is probably not worth worrying too much about (if privacy is a major concern, Tor or a no-logs third party VPN provider are much better options).
The basic version of LogMeIn Hamachi is free and is fully functional, except that it is limited to five members per network, and the free version will not run in the background on idle computers (as the paid version can).
LogMeIn Hamachi is available for Windows, OSX, and Linux (beta).
On order to remotely access the internet through our home PC running Hamachi we will need Privoxy, a free open source web proxy. You could run Privoxy on its own, but all connections would be over unencrypted HTTP, which is why we are using Hamachi.
Privoxy is available for Windows, OSX, Linux, and iOS, and can be used by almost any web browser on any platform.
1. Setup your home PC as a Hamachi VPN server
a) Download Hamachi on your home PC (choosing ‘Unmanaged’ mode) and install. LogMeIn will nag you at various points to sign-up for a free account, but this can be ignored for now.
2. Setup up Privoxy on your home PC to allow secure remote connection to the internet
a) Download, install and launch Privoxy. In Windows, Privoxy launches as blank window, but don’t worry as this is fine, and you can even close the window and Privoxy will continue to run in your system tray. Right-click Privoxy in the system tray, and select Edit -> Main Configuration.
b) Notepad will open Privoxy’s configuration file, called config.txt. Go to Edit -> Find, and search for ‘listen-address 127.0.0.1:8118’. Put a # in front of the line to mark it as a comment, then below it add the line:
listen-address [the IP address shown at the top of your Hamachi window]:8118
3. Configure your browser’s proxy settings
The last step is simply to configure your browser’s proxy settings to point to the Hamachi network IP address (188.8.131.52, Port 8118 in our example).
You can check everything is working by typing ‘http://config.privoxy.org/’ into your remote computer’s browser search bar, and you should see:
You are now using your home computer as a VPN server! All your remote browser’s traffic will be routed through your home computer, and will appear to originate from the IP address of your home computer.
Setup up a Private Home VPN using Hamachi & Privoxy Conclusion
This setup is especially handy for regular travelers. It protects you when using public WiFi hotspots (which are great when mobile roaming charges cost a fortune), and allows you to access your regular internet services (such as Hulu, Netflix, or BBC iPlayer) using your own IP address. This should bypass the increasingly common practice of blocking VPN users from such services.
If leaving your own PC turned on all the time concerns you, another similar option is to to roll your own VPN server on a VPS (Virtual Private Server). This is a bit trickier than using the Hamachi & Privoxy method above, but once setup does mean that you have permanent VPN instance running.