Spud
Regular Contributor
I'm sharing a project on GitHub which I've found very useful as someone who doesn't get IP tables etc.
The script writes the rules necessary turn the NordVPN Linux app (e.g. installed on a Raspberry Pi or Proxmox LXC/VM) into a gateway for any devices you want to route through it. The steps are outlined on the link.
https://github.com/theOtherLuke/nordlynx-router
It provides all the benefits of the NordVPN app, e.g. NordLynx speeds, kill switch, post-quantum encryption, plus Nord's trickery to keep sites like Google working. Other benefits are being able to set cron jobs to refresh the connection whenever you like, or send ssh commands to change/refresh VPN servers. All very convenient.
A couple of things I noted while setting this up:
1) I always WireGuard into my router from the road. I have LAN access, but at the same time route the internet through this VPN gateway. However, if my WireGuard subnet is 10.x.x.x, I found that the Nord app will block the internet. I couldn't see why, it just seems baked in. To get around it, I set up my WireGuard connection on a 192.x.x.x subnet, and Nord works with this fine.
2) The script provider suggested not opening up subnets in the NordVPN app. It's best ignored - open as many as you need. Without it, I couldn't have got it working.
3) It's possible to set up AdGuard Home in parallel, using the VPN tunnel to resolve queries. Point the Nord app at the AdGuard DNS, then configure AdGuard to use NordVPN's DNS servers.
Lastly, I'm using this in a Debian 12 LXC on Proxmox. I haven't tried it on an RPI, but it allegedly should work.
The script writes the rules necessary turn the NordVPN Linux app (e.g. installed on a Raspberry Pi or Proxmox LXC/VM) into a gateway for any devices you want to route through it. The steps are outlined on the link.
https://github.com/theOtherLuke/nordlynx-router
It provides all the benefits of the NordVPN app, e.g. NordLynx speeds, kill switch, post-quantum encryption, plus Nord's trickery to keep sites like Google working. Other benefits are being able to set cron jobs to refresh the connection whenever you like, or send ssh commands to change/refresh VPN servers. All very convenient.
A couple of things I noted while setting this up:
1) I always WireGuard into my router from the road. I have LAN access, but at the same time route the internet through this VPN gateway. However, if my WireGuard subnet is 10.x.x.x, I found that the Nord app will block the internet. I couldn't see why, it just seems baked in. To get around it, I set up my WireGuard connection on a 192.x.x.x subnet, and Nord works with this fine.
2) The script provider suggested not opening up subnets in the NordVPN app. It's best ignored - open as many as you need. Without it, I couldn't have got it working.
3) It's possible to set up AdGuard Home in parallel, using the VPN tunnel to resolve queries. Point the Nord app at the AdGuard DNS, then configure AdGuard to use NordVPN's DNS servers.
Lastly, I'm using this in a Debian 12 LXC on Proxmox. I haven't tried it on an RPI, but it allegedly should work.
