• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Wireless Router VPN?

Joined
Jul 9, 2016
Messages
1,067 (0.38/day)
System Name Main System
Processor i9-10940x
Motherboard MSI X299 Xpower Gaming AC
Cooling Noctua NH-D15S + Second Fan
Memory G.Skill 64GB @3200MHz XMP
Video Card(s) ASUS Strix RTX 3090 24GB
Storage 2TB Samsung 970 EVO Plus; 2TB Corsair Force MP600; 2TB Samsung PM981a
Display(s) Dell U4320Q; LG 43MU79-B
Case Corsair A540
Audio Device(s) Creative Lab SoundBlaster ZX-R
Power Supply EVGA G2 1300
Mouse Logitech MK550
Keyboard Corsair K95 Platinum XT Brown Switches
Software Windows 10 Pro
Benchmark Scores Cinebench R20 - 6910; FireStrike Ultra - 13241; TimeSpy Extreme - 10067; Port Royal - 13855
I don't have much experience when it comes to VPN but is there a good wireless router that has built-in VPN that equips all connected devices with encrypted browsing? Basically I am looking for a plug-and-play solution. I see some routers with VPN support but how does the decryption work on the other end?

I don't feel like sending all my browsing information to a VPN service provider such as TunnelBear, not to mention each machine will need to have its software installed.

Thanks in advance.
 
Joined
Oct 17, 2012
Messages
9,781 (2.35/day)
Location
Massachusetts
System Name Americas cure is the death of Social Justice & Political Correctness
Processor i7-11700K
Motherboard Asrock Z590 Extreme wifi 6E
Cooling Noctua NH-U12A
Memory 32GB Corsair RGB fancy boi 5000
Video Card(s) RTX 3090 Reference
Storage Samsung 970 Evo 1Tb + Samsung 970 Evo 500Gb
Display(s) Dell - 27" LED QHD G-SYNC x2
Case Fractal Design Meshify-C
Audio Device(s) on board
Power Supply Seasonic Focus+ Gold 1000 Watt
Mouse Logitech G502 spectrum
Keyboard AZIO MGK-1 RGB (Kaith Blue)
Software Win 10 Professional 64 bit
Benchmark Scores the MLGeesiest
I know my router offers a VPN service. I've never got around to setting it up though. From what I've heard your better off going with a dedicated service over It tho.
Asus rtac66W
Merlin

I would assume that what you hope to accomplish or get out of the service also dictates which would better suit your needs
 

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,664 (2.30/day)
Location
Missoula, MT, USA
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
If you run the VPN through the router, then you don't need the software on the devices as all your traffic is encrypted through the VPN service tunnel. Now if you use those devices away from your home LAN, then you'll want the VPN software on the device so you can use the VPN tunnel while away.

Personally I've used PIA for the past several years with great success and they have a lot of servers. I don't use it 24/7 though.

Is this a knee-jerk response to the ISP privacy bill headed for the POTUS's desk?

Something else you might look into is Tor, but even that's not surefire, nor is a dedicated VPN service....especially if you run the default encryption settings (which improves speed and sacrifices security). I run higher levels of security on PIA but can still peak out my 60Mbps connection every time I use it. Makes me pretty happy and it's $40/yr for 5 devices.

I know if you use a PFSense router (build one out of an old PC, micro PC, or buy a PFSense router), or get a router that you can use DD-WRT, MerlinWRT, OpenWRT or Tomato on, you can use VPN services such as PIA. BUT the cost can be great if you get a router with a weaker CPU and not enough buffer. VPN encryption takes quite a bit of processing power...so if you want this to work well, expect to spend some $$$. I spent about $250 building my own PFSense router last year...thing is a damn beast...I run OpenVPN tunnels from it so I can access my LAN from wherever. I don't use PIA on it, but have messed around with it a time or two just to verify it is do-able....and it is. Frankly I prefer to control access via device.

PIA has some info here: https://helpdesk.privateinternetacc...ivate-Internet-Access-service-with-my-router-

I should add if this is a knee-jerk reaction to the recent bill , that there's a lot of ways you can protect your privacy but ultimately it is getting harder and harder to do so. Pick your VPN wisely and while PIA is my choice for now...that could change depending on how things go. If you want real privacy, then unplug...that's really the only sure-fire way. But careful browsing, mixing VPN with higher encryption, using Tor for browsing, being careful at what you choose to browse for and look at all can go a long ways.

Hope that helps! :toast:
 
Joined
Jul 9, 2016
Messages
1,067 (0.38/day)
System Name Main System
Processor i9-10940x
Motherboard MSI X299 Xpower Gaming AC
Cooling Noctua NH-D15S + Second Fan
Memory G.Skill 64GB @3200MHz XMP
Video Card(s) ASUS Strix RTX 3090 24GB
Storage 2TB Samsung 970 EVO Plus; 2TB Corsair Force MP600; 2TB Samsung PM981a
Display(s) Dell U4320Q; LG 43MU79-B
Case Corsair A540
Audio Device(s) Creative Lab SoundBlaster ZX-R
Power Supply EVGA G2 1300
Mouse Logitech MK550
Keyboard Corsair K95 Platinum XT Brown Switches
Software Windows 10 Pro
Benchmark Scores Cinebench R20 - 6910; FireStrike Ultra - 13241; TimeSpy Extreme - 10067; Port Royal - 13855
Thanks for the response. Is it a response to the bill? It is the final push for me to look into. It is not browsing that I am concerned with but the IP of my work. Currently I also don't have the need to access my home network from anywhere. I have been using Chrome/Edge but have not used Tor. It is not something that I will try anyway.

I have multiple idle quad/hex core PCs sitting around so running PFSense is not a problem. However, PIA that you have listed is a paid service. Any non-paid service out there, or better yet, any better solution than to connect to someone else via VPN?
 

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,664 (2.30/day)
Location
Missoula, MT, USA
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
Opera web browser I believe offers a free VPN, frankly PIA has been very cost effective for an outbound VPN service. You get what you pay for.

What is your goal for the VPN service? Maybe I misunderstood and you don't need it for protecting your network traffic from prying eyes?

If you want site-to-site, look into OpenVPN and IPSEC, both work quite well. I have deployed many of these...mostly for businesses that need to link various remote sites.

Edit: What concerns do you have about the IP of your work? The Opera VPN might help you here for a single device. Otherwise, take one of your PC's, put PFSense on it and have a beefy firewall, throw on Snort for IDS/IPS, and protect the network. If it isn't your business, lease or sell the device to them. :)
 
Last edited:
Joined
Jul 9, 2016
Messages
1,067 (0.38/day)
System Name Main System
Processor i9-10940x
Motherboard MSI X299 Xpower Gaming AC
Cooling Noctua NH-D15S + Second Fan
Memory G.Skill 64GB @3200MHz XMP
Video Card(s) ASUS Strix RTX 3090 24GB
Storage 2TB Samsung 970 EVO Plus; 2TB Corsair Force MP600; 2TB Samsung PM981a
Display(s) Dell U4320Q; LG 43MU79-B
Case Corsair A540
Audio Device(s) Creative Lab SoundBlaster ZX-R
Power Supply EVGA G2 1300
Mouse Logitech MK550
Keyboard Corsair K95 Platinum XT Brown Switches
Software Windows 10 Pro
Benchmark Scores Cinebench R20 - 6910; FireStrike Ultra - 13241; TimeSpy Extreme - 10067; Port Royal - 13855
No protecting network traffic is exactly what I need. What I mean about browsing is I know Google/Chrome knows my browsing pattern with the targeted Ad Choice. I am less concerned with that because what I browse with my browsers are not as sensitive as the IP work that I develop and upload to various repositories. That is the traffic/data that I want to shield from my ISP selling to 3rd parties. Of course it would be nice if I can anonymize my browsing pattern as well. I am not looking for site to site VPN. For that a solution would be simpler. After reading a bit I really don't think I will go with a VPN provider. Too much risk there too.
 

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,664 (2.30/day)
Location
Missoula, MT, USA
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
If it is that important, it is worth paying for a service to protect it IMHO. If your place of work values what data it transfers, it should already have a mitigation process for encryption and data handling in place. I wouldn't expect your ISP to sell that data specifically, but it will likely be in a bulk report. No different than when you use your credit card, discount cards, membership cards, frequent flier miles, vehicle registration, cable TV service, POTS telephone services, etc...pretty much anything with a membership in the past several decades has already been doing what this new bill is going to let ISP's do now. It sucks, but really it's just more data on what you do...they probably don't want your work, but they do want to know what you search for, buy, when you buy it, what you window shop for, any metric that can be sold to other companies in the hopes of getting you to buy something you didn't need so they all make a profit. That's what it's all about in the end...and it sucks.

If you want to anonymize your browsing pattern, look into Tor more. I don't use it often, but even there you're not 100%. 100% would be simply unplugged from the Internet. Even then your digital fingerprints would take some time to fade, years or even decades.

PIA has been solid in my experience and testing, but like many other providers they can and may eventually be forced to hand over their encryption keys which makes the service useless. For now though I haven't read or seen any issues with that or a few of the close competitors I researched before renewing this year. Frankly I'm very happy with the service, and $40/yr is pretty affordable for a VPN service.

Tunneling your network traffic through an encrypted VPN service on IPSEC or OVPN using AES256 encryption, with at least 2048-bit or higher handshake and SHA256 validation is what I would recommend if you go with any VPN.

If your guy's data is truly needing to be secure, a site-to-site VPN between you and them is critical. Not knowing if you work remotely, if you do, this is what I'd suggest. That or what is called a road warrior VPN (where you run software to connect to a VPN tunnel service, how I connect to my OVPN server at home or connect to PIA) if you travel. That or if you do regular data transfer services to specific vendors, setting up a VPN agreement with them would be highly suggested.

Another option is to compress and encrypt the data you're transferring, I use that with 7Zip and passworded AES256 encryption. Though depending on package sizes this could be a challenge...but you could go with a cloud storage service (many, if not all...grab data metrics about what they can access...and have since the start).

What you might be afraid of losing is likely already been seen or indexed in one form or another...but you can empower yourself and at least make it more of a pain in the ass to see what the hell you're doing. Tor and VPN's are options, encryption is the key. Transferring encrypted documents and containers over an encrypted VPN would be a very good way to go as well.

If you wanna hide, you're gonna have to work at it...there is no easy and free solution. How much is your data worth to you? Definitely weigh that in if you decide to cheap out on a solution that isn't good enough. Sounds like you might not go VPN anyways...hopefully you can find a solution that suits your needs. VPN's are great though, I've setup dozens for various clients...these VPN services come and go... but in business, if you have a good business relationship...a VPN agreement is really the way to go IMHO. Dedicated storage, subnets, and routing rules to limit access beyond a specified area, a secure encrypted tunnel between sites...but in some cases that isn't an option.

Good luck and keep us posted on what you decide. :toast:
 
Joined
Jul 9, 2016
Messages
1,067 (0.38/day)
System Name Main System
Processor i9-10940x
Motherboard MSI X299 Xpower Gaming AC
Cooling Noctua NH-D15S + Second Fan
Memory G.Skill 64GB @3200MHz XMP
Video Card(s) ASUS Strix RTX 3090 24GB
Storage 2TB Samsung 970 EVO Plus; 2TB Corsair Force MP600; 2TB Samsung PM981a
Display(s) Dell U4320Q; LG 43MU79-B
Case Corsair A540
Audio Device(s) Creative Lab SoundBlaster ZX-R
Power Supply EVGA G2 1300
Mouse Logitech MK550
Keyboard Corsair K95 Platinum XT Brown Switches
Software Windows 10 Pro
Benchmark Scores Cinebench R20 - 6910; FireStrike Ultra - 13241; TimeSpy Extreme - 10067; Port Royal - 13855
Perhaps I am not making it clear - I am not looking for a cheap solution (but of course, not looking to pay thousands either). The reason I am not going with a VPN provider is I don't want them to have all my data. They say they don't log, but who knows. If logging is on and they have the encryption key, they will have everything. I would rather take my chances with the ISP.

I am not connecting to another office. My home is the office, and the repo I am connecting to are like Github, etc. So a site to site VPN is not viable to me.

So, I am looking for a way to encrypt traffic in/out of my home office, not routing to a VPN provider, but somehow gets to the destination and be decrypted. Possible to do? I read somewhere about setting my own VPS, virtual private server. Is that a solution that I should look into?
 
Top