This guide is tested for Debian 9 Stretch Linux, but it may work with other recent Debian versions.
This guide assumes that you're running Debian on a VPS or a remote server, since that's the most likely scenario for a VPN.
A working install of Debian Stretch with root access
# - requires given command to be executed with root privileges either directly as a root user or by use of sudo command
$ - given command to be executed as a regular non-privileged user
Setting up your own VPN is no small task, but there are plenty of reasons that you'd want to do it. For one, when you run your own VPN, you have complete control of it and know exactly what it's doing.
Security is an important factor for VPNs. It's possible to set up a simple one in a few minutes, but it won't be secure at all. You need to take the appropriate steps to ensure that both the server and your connections remain private and encrypted.
Before embarking down this road, you may want to consider encrypting your disks, beefing up kernel security with SELinux or PAX, and making sure everything else is locked down.
Iptables is a big part of server security. You need iptables to ensure that information doesn't leak out of your VPN. Iptables also works to prevent unauthorized connections. So, the first step in setting up a VPN on Debian is setting up iptables.