The installation wizard will walk you through the setup process. Here's a quick overview of each step.
Define a static IP address
You will be prompted to edit your network settings. Our Raspberry Pi VPN needs a static IP address. You can leave the default value or choose one of your own if your ISP supports static IPs.
Choose a user to manage VPN settings
You will see a dialogue that states “Choose a local user that will hold your ovpn configurations.” Select OK and choose an account to use. I’m leaving mine set to the default account, but you can use any account you want here.
Set up "Unattended Upgrades"
The next prompt will ask about "Unattended Upgrades". This automatically downloads updates, but it won’t reboot your Pi. You’ll have to reboot the Pi manually from time to time. If you want to use these enable them now.
Choose TCP or UDP
You will be asked to choose between TCP or UDP. If you're not sure what to put here, UDP is a safe bet.
Set a port number
On the next screen, you can set a custom port number or leave the default value of 1194. You will be prompted to confirm the port settings.
If you have clients running OpenVPN 2.4 or later, you can integrate features for it by choosing Yes. Otherwise, choose No.
Choose encryption settings
Choosing what level of encryption to use it up to you. 1024 bit is on the lower end and hardly recommended. 4096 bit offers the greatest security but also causes the most latency. 2048 bit seems to be in the sweet spot for what we want to accomplish.
Server key is generated
Up next, PiVPN will create a server key. This may take a little while, just leave the Pi running while it generates the key. The creator stated this process took up to 45 minutes on his Pi 3B+, however, I experienced a much shorter wait time on mine.
When prompted for DNS settings, you can opt to use a DNS. However, I'll be using my public IP.
Select the DNS provider
Choose one of the DNS providers from the list or select "custom" to use your own.