OpenVPN tunnel

dryfly (Senior Member; Joined: Jun 2, 2014; Posts: 1,437; Location: Texas)

I have set up my home Asus router as an OpenVPN server and it functions as a tunnel VPN so I can safely have remote access to my home IP camera system. Just curious if anyone else has done this? I just realized that when camping and using a public WIFI I can activate the VPN on my client device and basically be accessing the internet (and being encrypted) through my home router. This should make possible secure browsing as in being able to make purchases, etc.
 
That's what I had set up before we went full time. Now that we are full time, I no longer have my firewall set up.
 
So I assume you felt secure when using a public WIFI? Did you activate the OpenVPN client app before logging into a WIFI, or after? Or does it make any difference?
 
Lol! I have Android and used the app called Tasker to automate all of that. I started with OpenVPN and just got WireGuard running before I tore it all down and sold it.

General rule of thumb is to connect to the VPN server before navigating anywhere. I actually had mine on all the time, cell or WiFi.
 
For many situations I'm not sure how much a VPN buys a person anymore. Many of the sites I connect to (and do business with) are HTTPS which is already secured.
 
It all depends on how you grow "security". Without a VPN, I can geolocate your approximate location based on your IP address when you hit my website. From there, I can target ads based on that location. (That's a "good" use for it.) For nefarious threat actors, I can use that to track your website visits and put together a timeline of where you were and observe possible patterns to track you physically.

With a commercial VPN solution, threat actors get the location data from many people since the endpoint IP address is the outlet for hundreds of subscribers, effectively anonymizing your individual traffic.

Having a VPN at your sticks and bricks gives you an option to store data locally and access other Network Services at your house.

For instance I had a personal cloud server behind my firewall that allowed me to store all of my pictures and videos and personal information securely. I would access it via my VPN, remotely. It was really handy not to have all of that data cluttering up my phone or my other personal devices.
 
If you are going through a public WIFI I think you are vulnerable before the security of the website i.e. HTTPS comes into play. With a tunnel VPN I'm encrypting data starting at my computer/iPhone.

When I'm connected to the VPN I'm actually working through my home network so at that point I feel safe accessing a secure website.
 
HTTPS is going to work at the application layer. VPN will work at the lower layers. It's a matter of your own comfort and if you feel better doing both you should do so. But, if you're traveling and you do everything through a VPN via your home network you may be adding considerable latency to your traffic. I live in the Minneapolis area and currently am in Florida. If I want to talk to another server in Florida, I don't want my traffic to go back to Mpls and then back to Florida again...
 
But aren't you doing the same thing with VPN since everything is routed through a server wherever that might be located? I also tried VPN (just a free version for testing it out) and found that if I tried to access my bank account for example, it wouldn't let me. Shut off VPN and it was fine. Also found it annoying that I would get those "are you a person" quizzes much more often when I had VPN turned on. Maybe it's because I was trying out the free version, not sure, but it was a pain. In addition, it often seemed slower but my guess is that was due to the free account and saturation of the server which mostly showed 90%+ usage.
 
To an extent. I liken it to this: out in public, you wear clothes because you don't want everyone to see you nekkid. This is WITH a VPN. Without a VPN, you are the emperor in the storybook tale The Emperor's Clothes. A threat actor sees everything.

As for your free VPN, it will depend on the endpoint of the VPN. It might have been in a different country, or is a known avenue for threat actors, based on the endpoint's IP address or address range.

I can set up a WireGuard VPN server in a cloud space in the US and have no problems accessing my bank and other financially sensitive institutions.

If I use a commercial VPN service, I do get more blocks.

As to the Captchas that you see more of, that is because of the IP address of the endpoint.

Internet public IP addresses are "leased" from the ICANN, so, for instance, mygrandrv.com's IP address is 172.67.216.158. If it was a VPN, all traffic coming through would be from that IP address. Let's say mygrandrv.com is a VPN provider, they might have a range of public IP addresses, let's say 172.67.216.*. The * indicates 1-254. So there are 254 IP addresses that they lease. And the endpoint could be any of them.

It then becomes easy for websites to block traffic from that IP address range, or enforce a stronger level of authentication on requests coming from the IP range.

So, something like Xfinity will have a range of 107.*.*.* (among others). So hundreds of thousands of IP addresses. Plus, because they are registered with ICANN, websites have a higher degree of certainty that the traffic coming from one of the IP addresses is an individual, not a VPN.

Hope this makes sense, at a high level.
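
Added example (not part of the original post): a sketch of how a website could apply the range-based decision described above, allowing, challenging or blocking a request by the range its source address falls in. The labels, actions, the 203.0.113.0/24 entry and the sample client list are constructed assumptions; the two wildcard ranges are only the post's hypothetical examples, not real reputation data.

```python
import ipaddress
from collections import Counter


def wildcard_to_network(pattern):
    """Convert the post's notation (e.g. '172.67.216.*') to a CIDR network."""
    octets = pattern.split(".")
    if len(octets) != 4:
        raise ValueError("expected four dot-separated fields")
    fixed = []
    for field in octets:
        if field == "*":
            break
        fixed.append(field)
    # Only trailing wildcards map cleanly onto a single prefix.
    if any(field != "*" for field in octets[len(fixed):]):
        raise ValueError("wildcards must be trailing")
    base = ".".join(fixed + ["0"] * (4 - len(fixed)))
    return ipaddress.ip_network(f"{base}/{8 * len(fixed)}")


# Constructed policy table: (network, label, action). Labels and actions are
# assumptions made for this example.
RANGE_POLICY = [
    (wildcard_to_network("172.67.216.*"), "shared_vpn_exit", "step_up"),
    (wildcard_to_network("107.*.*.*"), "residential_isp", "allow"),
    (ipaddress.ip_network("203.0.113.0/24"), "known_abusive", "block"),
]
DEFAULT = ("unknown", "allow")


def classify(client_ip):
    """Return (label, action) for the most specific range containing client_ip."""
    addr = ipaddress.ip_address(client_ip)
    best = None
    for net, label, action in RANGE_POLICY:
        if addr.version == net.version and addr in net:
            # Longest prefix wins if ranges ever overlap.
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, label, action)
    return (best[1], best[2]) if best else DEFAULT


def summarize(client_ips):
    """Count how many requests end up in each action."""
    return dict(Counter(classify(ip)[1] for ip in client_ips))


# Constructed sample of request source addresses.
SAMPLE_CLIENTS = [
    "172.67.216.158", "172.67.216.20", "107.3.4.5", "203.0.113.9", "8.8.8.8",
]

if __name__ == "__main__":
    for ip in SAMPLE_CLIENTS:
        print(ip, *classify(ip))
    print(summarize(SAMPLE_CLIENTS))
```

Every subscriber leaving through the shared exit range gets the same "step_up" treatment, which is why the captchas and extra checks follow the VPN endpoint rather than the individual user.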
 
Yes, makes sense in general. Just read up a bit on WireGuard too, so thanks for sharing. I had thought about trying a subscription to NordVPN or other to see how it works in comparison to the free version I had tried. May well do that. I love banking and other financial stuff online but have been concerned about security. I know the sites are encrypted but still would prefer additional layers because everything we have these days is online.
 
MoonShadow_1911 - Excellent description....thanks. As you mentioned the location of the endpoint is important. Some of the VPN providers have multiple server endpoints and others not so much. It's all give and take with this stuff, and I believe that each person needs to decide how much and how far they want to go. VPNs basically provide two services: They encrypt your data between two points and hide the IP address where you're located. That said, you also need to trust your VPN provider - especially free ones. It wouldn't be the first time a malware provider set up a free VPN service. I personally don't have a VPN yet as I'm still researching. For now I'm avoiding public WIFI as much as possible and using my phone's LTE. I know that it's still vulnerable, but it does skirt around some of the more obvious risks. This whole VPN thing can get complicated real quick. For those wanting to read more this might be a good starting point.

https://www.zdnet.com/article/what-is-a-vpn-and-how-does-it-work/
 
To add to what Moonshadow said, there are different types of VPNs. The more common ones being the one you are probably thinking about, one that simply masks your IP address so your internet traffic cannot be traced to your WAN IP address.

With my router as an OpenVPN server I am creating a tunnel to my home router, meaning when I'm at a remote location all traffic is both encrypted and appears to be coming through my home WAN IP address, not the WIFI or network I am connected to.
 
Yep, this approach takes a bit more work as one must set up the VPN server. But it does have many advantages such as allowing secure access to one's home network.
 
Yes, it does, and even the simplest approach that I found required using a router that had built-in OpenVPN capabilities. The Asus router fit the bill for me. It was kind of a steep learning curve, but once I got the hang of it it's really pretty simple.

The reason I initially got into it was remote access of my home IP camera system. 99% of folks use port forwarding for this. Opening ports to your router is dangerous. I'm not so concerned about someone looking at my cameras, but about getting into them and using them as bots, spewing spam everywhere.

Several times I've been in campgrounds and needed to make future reservations, and only having access to the public WIFI. I just don't like the small iPhone screen for internet use. It finally dawned on me to use the OpenVPN connection to be able to put on credit card info, etc, and still be secure.
 
Thanks for all of this information. I have a Netgear Nighthawk and it appears I may be able to set up OpenVPN on it. Will have to start researching that. I would also like to see our cameras when not at home. I never did port forwarding because I didn't like the security aspect of it so I've never been able to see them when we are traveling.
 
I was using a Netgear Nighthawk R8000 router for years when I first started using a home VPN. I accessed it with OpenVPN clients on my Android devices and Windows laptop. It allowed access to banking and other sites in the US when we vacationed outside the US. Also, it allowed access to our home network and allowed me to monitor/change thermostats, irrigation system settings, access Netflix programming in the US, and a local NAS network storage device. To access movies or content not yet released in the US and only available in other countries, a commercial VPN service can be used. I do have Surfshark's VPN service. With Surfshark, I do sometimes while surfing the web get the pain-in-the-********** requests to verify that I am a human and do have issues even connecting to some websites. For that reason, I rely mostly on my home VPN service. However, I did install Surfshark on a Firestick so we can watch US content on Netflix when in another country by connecting to one of the many Surfshark servers in various cities around the US. I could not figure out how to install an OpenVPN client on the Firestick, so that I could connect to my home VPN server.

In 2021, I upgraded our home router to a Netgear Orbi RBK853 WiFi 6 mesh system. If I had waited a few more months a WiFi 6E router would have been available. It's a pretty simple checkmark in the router to turn the VPN service on. It will work with OpenVPN clients.

One issue I faced in the past with running a home VPN was an occasional change in our home IP address which is controlled by our service provider. It would change sometimes when we were overseas and was inconvenient to find out the new IP address so I could update the OpenVPN clients' configuration files. I solved that issue by subscribing to NO-IP's DDNS (Dynamic Domain Name Service). The Orbi router will update NO-IP with its new IP Address whenever it changes. It can be configured in the Orbi's VPN setup page to use a DDNS with NO-IP. NO-IP provided me with my own Domain Name which points to my home router's IP Address. The communication between the home router and NO-IP keeps my NO-IP domain name pointed to my new home IP Address within a minute or two of it changing. This way my domain name is configured within my devices' OpenVPN client configuration files and is always up-to-date.
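
Added example (not part of the original post): a small audit of an OpenVPN client profile that flags `remote` entries pinned to a literal IP address, the setup that breaks when the ISP changes the home address, and rewrites them to a DDNS name. The sample profile, the 203.0.113.7 address and the hostname `myhome.example.net` are constructed placeholders; comment handling is simplified to full-line `#` and `;` comments.

```python
import ipaddress

# Constructed client profile for illustration only.
SAMPLE_OVPN = """\
client
dev tun
# home router
remote 203.0.113.7 1194 udp
;remote old.example.net 1194
resolv-retry infinite
nobind
"""


def _is_ip_literal(host):
    """True if host is an IPv4/IPv6 literal rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def audit_remotes(config_text):
    """List active 'remote' directives and whether each pins a literal IP."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or commented-out directive
        parts = line.split()
        if parts[0] == "remote" and len(parts) >= 2:
            findings.append({
                "line": lineno,
                "host": parts[1],
                "literal_ip": _is_ip_literal(parts[1]),
            })
    return findings


def use_ddns_name(config_text, ddns_name):
    """Return the profile with IP-literal remotes replaced by ddns_name.

    Port and protocol fields are kept; comments and other lines are untouched.
    """
    out = []
    for raw in config_text.splitlines():
        parts = raw.split()
        if len(parts) >= 2 and parts[0] == "remote" and _is_ip_literal(parts[1]):
            parts[1] = ddns_name
            raw = " ".join(parts)
        out.append(raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for finding in audit_remotes(SAMPLE_OVPN):
        print(finding)
    print(use_ddns_name(SAMPLE_OVPN, "myhome.example.net"))
```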
 
Great post, very thorough. The system you describe should be helpful to a lot of "road warriors".
 
Good info and gives me security that my VPN will provide the security I'm looking for when on a public network. Asus provides a free DDNS service that functions like NO-IP. Not having a static IP address was one of my concerns when considering setting up a VPN. I have used Netgear products before and they are top notch. It's interesting to learn the router, apparently running as a non-OpenVPN server, can be accessed with OpenVPN clients.
 