Post

Using NordVPN and a Raspberry Pi to Create a Secure Internet Gateway

Posted
By Manuel Laggner
4 min read
Using NordVPN and a Raspberry Pi to Create a Secure Internet Gateway

Do you ever wish you could route all your internet-connected devices through a VPN, even the ones that don’t support VPN clients natively? Using a Raspberry Pi and a NordVPN subscription (if you don’t have a subscription yet, you can use my affiliate link1 to get one), you can set up a personal VPN gateway that encrypts all outbound traffic—great for privacy, security, or accessing region-locked content.

In this post, I’ll walk you through how to turn a Raspberry Pi into a NordVPN-powered gateway. I’ll also cover relevant concepts like how VPNs work, what a gateway is, and why this setup can benefit you.

🌐 What Is a VPN Gateway?

A VPN Gateway is a device that connects your local network to a remote VPN server. When your device sends data, the gateway encrypts it and sends it to the VPN server before it reaches the wider internet. This way, all your traffic appears to come from the VPN server—not your home IP.

In our case, the Raspberry Pi (1) acts as the gateway.

💻 Why Use a Raspberry Pi?

The Raspberry Pi is:

  • 💸 Affordable
  • ⚡ Energy-efficient
  • 🧰 Easy to configure
  • 🕒 Perfect for 24/7 use

You can set it up as a router or DHCP server, but for simplicity, we’ll configure it as a VPN gateway that sits between your router and your device.

🧾 What You’ll Need

Before we get started, make sure you have:

  • A Raspberry Pi 3 or later (Pi 4 recommended)
  • 💾 A microSD card with Raspberry Pi OS installed
  • 🔐 A NordVPN account
  • 🌐 (optional) A second network interface (e.g., USB Wi-Fi adapter or Ethernet)
  • 🧑‍💻 Basic command-line knowledge
  • 📱 A device (laptop/phone) to connect through the Pi

⚙️ Step 1: Set Up Raspberry Pi OS

Start by flashing Raspberry Pi OS (Lite or Full) onto your SD card using the Raspberry Pi Imager. After initial boot:

1

sudo apt update && sudo apt upgrade -y

Then, set a static IP for your Pi (you’ll need it as a gateway). Edit the DHCP config file:

1

sudo nano /etc/dhcpcd.conf

Add something like this at the end:

1
2
3
4

interface eth0
static ip_address=192.168.1.2/24
static routers=192.168.1.1
static domain_name_servers=1.1.1.1 8.8.8.8

🔐 Step 2: Install and Configure NordVPN

Install the NordVPN CLI:

1

sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)

Then log in and connect:

1
2
3

nordvpn login
nordvpn set technology nordlynx  # Use WireGuard
nordvpn connect

To make sure the VPN starts on boot and stays active:

1

nordvpn set autoconnect on

Check your connection with:

1

nordvpn status

🔁 Step 3: Enable IP Forwarding and Configure NAT

Your Pi needs to forward traffic from other devices to NordVPN.

  1. 📝 Enable IP forwarding:
1

sudo nano /etc/sysctl.conf

Uncomment or add:

1

net.ipv4.ip_forward=1

Apply immediately:

1

sudo sysctl -p
  1. 🔀 Set up NAT with iptables:
1
2
3

sudo iptables -t nat -A POSTROUTING -o nordlynx -j MASQUERADE
sudo iptables -A FORWARD -i wlan0 -o nordlynx -j ACCEPT
sudo iptables -A FORWARD -i nordlynx -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

Replace wlan0 with the interface your devices will connect to.

  1. 💾 Save the rules:
1
2

sudo apt install iptables-persistent
sudo netfilter-persistent save

📶 Step 4: Configure Raspberry Pi as a Wi-Fi Access Point (Optional)

If you want to connect other devices via Wi-Fi:

  1. 📦 Install required packages:
1

sudo apt install hostapd dnsmasq
  1. ️️✍️ Configure hostapd:
1

sudo nano /etc/hostapd/hostapd.conf

Example:

1
2
3
4
5
6
7
8
9
10
11

interface=wlan0
driver=nl80211
ssid=VPN-Gateway
hw_mode=g
channel=7
wmm_enabled=0
auth_algs=1
wpa=2
wpa_passphrase=YourSecurePassword
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP

Then point hostapd to this config:

1

sudo nano /etc/default/hostapd

Set:

1

DAEMON_CONF="/etc/hostapd/hostapd.conf"
  1. 🛠️ Set up DHCP server using dnsmasq:
1

sudo nano /etc/dnsmasq.conf

Add:

1
2

interface=wlan0
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
  1. ⚓ Assign static IP to wlan0:
1

sudo nano /etc/dhcpcd.conf

Add:

1
2
3

interface wlan0
    static ip_address=192.168.4.1/24
    nohook wpa_supplicant

Then enable services:

1
2

sudo systemctl enable hostapd
sudo systemctl enable dnsmasq

🔁 Reboot the Pi.

🧪 Step 5: Test Your VPN Gateway

Connect your laptop or phone to the Raspberry Pi’s Wi-Fi network (or via Ethernet). Visit https://whatismyipaddress.com to check if your traffic is going through the VPN.

You should see the NordVPN server’s IP address instead of your ISP’s.

🧠 Final Thoughts

Setting up a Raspberry Pi as a VPN gateway using NordVPN is a powerful way to secure all your devices—even ones that don’t support VPNs. It’s a fantastic use case for a low-power Raspberry Pi and gives you full control over your network’s privacy.

This project also teaches essential networking skills like NAT, routing, and working with iptables. Whether you’re privacy-conscious, a traveler trying to beat geo-blocks, or just someone who likes cool DIY network projects—this is a great one to try.



  1. Affiliate link - if you make a purchase through this link, I may earn a small commission. There are no additional costs for you. Of course, when, where, and how you buy a product is entirely up to you. ↩︎ ↩︎2

security & privacy
linux raspberry pi NordVPN
This post is licensed under CC BY 4.0 by the author.