What do I need to create my own VPN?

I travel extensively and globally. I want to be able to access the internet through a VPN no matter where I am and no matter how public or private. I believe that setting up my own VPN on a server at my home office would be a good idea. I am looking for guidance as to the hardware and software needed to do this.


Thanks for any help anyone can offer


Cliff

MacBook Pro with Retina display, macOS Sierra (10.12.3), My apps are always the latest ones

Posted on Mar 1, 2017 9:47 PM

8 replies

Mar 9, 2017 5:54 AM in response to Infinitude

Infinitude wrote:


I am looking for guidance as to the hardware and software needed to do this.


You may need the following, which is what I set up/use for my VPN connection to my home Server:


  • A router at your home that allows port forwarding (e.g. Airport Extreme).
  • Consider reserving your home Mac's IP address on your LAN (e.g. 192.168.1.3) in the router. This would be the Mac you're going to use as the VPN Server.
  • Port forward TCP port 1723 and UDP ports 500, 4500, 1701 in your router to your home Mac's IP address from bullet #2.
  • Use a free dynamic DNS service such as NOIP.com to set up a DNS that devices away from your home can use to VPN into your VPN Server. This service will use the router IP address assigned by your ISP and associate it to your dynamic DNS.
  • Install a VPN Server software and configure it to use your dynamic DNS and set a secret password. I installed and use macOS Server and its VPN service.


While I'm away from home, I can use my iPhone or MBP Retina and VPN into my home LAN using my dynamic DNS (e.g. myvpn.ddns.net) as the server to connect to.

Mar 9, 2017 12:04 AM in response to Infinitude

I store all my documents on my iMac running Sierra and access them via the free Documents.app by Readdle on my iPad or through sharing with my MacBook. Setting up a VPN requires you to do the following:


1. Locate your IP address. (Go to DuckDNS and sign up for a free dynamic DNS name if you need one)

2. Go here http://cutedgesystems.com and download VPNEnabler

3. Install VPNEnabler as per instructions on that page. Pay attention to opening the correct ports on your router. Save the profile generated and copy it to your laptop.

4. On your iPhone/ iPad, go to Settings/ General/ VPN and enter the details from your initial VPNEnabler install. On your laptop double click the profile and install it.

5. Switch on the VPN on your iPhone or iPad or click Connect in System Preferences on your laptop


If you have installed everything correctly then you will connect. Your iPhone, iPad or laptop connects back to the VPN Server and all interaction with the Internet from that point on goes through the local private network, on an encrypted channel. If you use public wifi a lot then you now have a secure, encrypted ***

Mar 9, 2017 3:25 AM in response to Infinitude

Does your home office router or hardware firewall - if you have one - offer a built-in VPN server? If so it might do the job. If you're just using the standard home broadband router issued by your ISP it is unlikely to offer such a feature. (You could potentially replace it with your own.)


I have set up StrongSwan5 in a Linux VM running on a Mac. StrongSwan5 can provide both Cisco IPSec and IKEv2 compatible VPN services; it can also utilise SSL certificates instead of a pre-shared-key. Using certificates is considered more secure than a PSK.


Note: Both the Cisco IPSec and IKEv2 options will work with the built-in Apple VPN client.


I have also set up an L2TP VPN server using the built-in function in a SonicWALL firewall; this then works with the built-in Apple VPN client. The other VPN options provided by the SonicWALL require using either the SonicWALL VPN client or a suitable third-party client, and these typically incur additional license fees as well as installing additional software.


As others have mentioned, using Apple's own Server.app and its L2TP VPN server is an option. Personally I find this less and less reliable.


Some people choose to pay for a VPN service. This accomplishes the goal of encrypting your traffic via a VPN so someone else, say in the same StarBucks, could not easily eavesdrop on your traffic, but a lot of people have concerns about the trustworthiness of such providers. Even if they themselves are ok, if your goal is end-to-end protection they do not cover accessing your home office network; for that you need your own solution.
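
An added example, not part of the original posts and not any poster's own configuration: the certificate-based IKEv2 option from the strongSwan reply above, shown next to the pre-shared-key form it replaces, in strongSwan 5's legacy ipsec.conf / ipsec.secrets syntax. The file names, the CA distinguished name and the 10.10.10.0/24 client pool are assumptions; myvpn.ddns.net is the example name used earlier in the thread.

```conf
# ---- /etc/ipsec.conf ----
config setup
    uniqueids=never

conn %default
    keyexchange=ikev2
    left=%any
    # Identity the clients expect; must appear in the server certificate's SAN
    leftid=@myvpn.ddns.net
    # Route all client traffic through the tunnel (the travelling-laptop case)
    leftsubnet=0.0.0.0/0
    right=%any
    # Assumed virtual address pool handed to connecting clients
    rightsourceip=10.10.10.0/24

# Pre-shared key: one shared secret for every device. Anyone who obtains
# it can authenticate as a client. Kept for comparison only, never loaded.
conn roadwarrior-psk
    leftauth=psk
    rightauth=psk
    auto=ignore

# Certificates: the server proves its identity with its own key, and each
# device presents a certificate issued by your private CA, so a single
# lost device can be revoked without re-keying the others.
conn roadwarrior-cert
    leftauth=pubkey
    leftcert=server-cert.pem
    leftsendcert=always
    rightauth=pubkey
    # Constructed CA name; only certificates from this issuer are accepted
    rightca="C=XX, O=Home Office, CN=Home VPN CA"
    auto=add

# ---- /etc/ipsec.secrets ----
# PSK form (what the disabled conn above would need):
#   : PSK "constructed-placeholder-secret"
# Certificate form: private key matching server-cert.pem
: RSA server-key.pem
```

IKEv2 with NAT traversal only needs UDP 500 and 4500 forwarded to the VPN host, so with this setup the TCP 1723 and UDP 1701 forwards listed in the first reply can stay closed.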
