Case : Only One Router In The Home Network Map
Step1. Set up OpenVPN Server on Your Router
1. Log in to the web-based interface of the router. If you dont know how to do that, please refer to
2. Go to Advanced > VPN Server > OpenVPN, and select Enable VPN Server.
Note:
- Before you enable VPN Server, we recommend you configure Dynamic DNS Service or assign a static IP address for the routers WAN port and synchronize your System Time with the internet.
- For the CG-NAT ISP: Comporium and Direct link – radio service, provide the customer a private IP, that will cause you cant use the OpenVPN and affect the NAT Type. You can contact the ISP and ask them to offer a Statis IP address.
- The first time you configure the OpenVPN Server, you may need to Generate a certificate before you enable the VPN Server.
3. Select the Service Type for OpenVPN Server: UDP, TCP.
4. Enter a VPN Service Port to which a VPN device connects, and the port number should be between 1024 and 65535.
5. In the VPN Subnet/Netmask fields, enter the range of IP addresses that can be leased to the device by the OpenVPN server.
6. Select your Client Access type. Select Home Network Only if you only want the remote device to access your home network select Internet and Home Network if you also want the remote device to access internet through the VPN Server.
7. Click Save.
8. Click Generate to get a new certificate.
Note:
If you have already generated one, please skip this step, or click Generate to update the certificate.
Note:
Setting Up Your Own VPN Server
To create your own VPN for personal use, you have a few specific hosting options:
- Run the software on a cloud virtual private server. All cloud providers, from titans like Amazon Web Services to smaller operations like Vultr, offer cloud-hosted servers called VPSs. This approach allows you to select a city with a data center in which to host your VPN.
- Use your home routers VPN server functionality. If you have a router with the feature built-in or with the ability to use third-party firmware, you only need your router. With this approach, you can even access your home network remotely. At the same time, this option isnt useful while youre at home.
- Other solutions like hosting on dedicated physical machines. Enterprises commonly have dedicated VPN servers on their internal networks to allow employees to securely work from home. For home use, this solution is overkill: your router can do the same thing. However, you could have a second network that you want to access remotely . In this case, you can follow many of the same steps for creating a cloud VPN server but with a spare desktop or single-board computer left on 24/7.
In the following sections, youll learn how to set up a VPN in the cloud and on a router.
A Home Network Setup: What You Will Need
Whether you’re designing a wired or wireless home network, most networks will typically include the following elements:
- Router or wireless router
The hub that connects your devices in a single home network.
A sub-device that adds another connection point in the house for wireless devices.
Used to connect Ethernet-enabled devices to the router.
Used to wire in devices to the router.
Filters out DSL signals from your telephone line so your phone can work at the same time as your broadband.
Recommended Reading: Multiple VPN Connections At The Same Time Windows 10
Create A Certificate Authority
If you are using OpenVPN, you likely will want to use certificates in addition to username/password since it adds an extra layer of security in addition to the username/password and certificate). A certificate authority is required in order to issue certificates. If you do not already have one set up for other purposes or you want to create a separate certificate authority just for OpenVPN, go to the System > Trust > Authorities page to create a new one. Click Add to proceed.
Add a Descriptive name for your Certificate Authority . For the Method, select Create an internal Certificate Authority. Stronger key lengths are better but of course require more computational power. If you have a lower end device, you may want to select a lower number. The default key length is 2048 bits. I dont think you would want a setting much lower than that to lower the likelihood of your key being bruteforced. Setting it to a stronger 4096 bit length should be fine for most reasonably powerful hardware. For the Digest Algorithm, the default is SHA256. The comments are the same as the key length. A stronger algorithm requires more processing power. I set it to SHA512 on my mini-PC router. It seems to run fine with 4096 bit keys and a SHA512 digest especially since I am mainly the only VPN user and the hardware in that PC is decent for a home router.
Splitting Your Home Network
For security reasons you may find the need to split your home network. This is especially true in small business networks like restaurants etc were customers are also given access to the network.
Many modern routers will provide guest networks for this purpose, and is easy to setup.
Another common method, but not as simple is to use VLANs. See Understanding and using VLANs
Also Check: Do I Need A VPN For Jailbroken Firestick
Establishing A VPN Server In Windows 10 Using Windows Built
Setup your Windows 10 Computer
Step 1: Open Network Connections window. Then click organize and select Layout-> Menu bar.
Step 2: From the menu bar, select File-> New Incoming Connection.
Step 3: Next, in the popup screen, select the user accounts you want to connect. We recommend you use a separate user account with a solid password to set up the VPN server so that your accounts will be safe. To do that, click on the Add someone button. After you have selected the user accounts, click on the Next button.
Step 4: Next, select the Through the Internet option to allow VPN connections to your computer over the Internet.
Step 5: Next, select the protocols on the list that should be allowed for incoming connections. After choosing what you want, allow access. If you do not want to allow the connections to access printers, opt-out File and Printer sharing for network connections.
Step 6: Next, select the protocols on the list that should be allowed for incoming connections. If you do not want to allow the connections to access printers, then opt-out File and Printer sharing for network connections. After choosing what you want, allow access.
Now your computer acts as a VPN server, and it is ready to serve for connection requests.
Setup port forwarding in your router
The next task is setting up port forwarding in your router to connect to the VPN server via the internet. By setting up port forwarding, your router can send the specific traffic to your computer.
Home Network Setup Wiring Diagrams
A wireless set-up
The wireless network diagram shows wireless devices, like laptops and mobile phones connecting with a wireless router via Wi-Fi. Since some wireless routers also contain ethernet ports, you can also connect a PC, for instance, with an ethernet cable. The devices connected via cable normally receive a stronger connection depending on cable quality/length, location and other household factors.
A wired set-up
In a wired setup, devices are hardwired into the router to receive an internet connection, which should significantly increase speeds. Your devices must have ethernet ports to connect them to the router with ethernet cables, which immediately singles out tablets, phones and newer laptops. However you can always plug in a wireless access point or switch to your router to connect any wireless devices to the network.
Assembling the parts
#1 Routers
Install your wireless router in a central location in your house. Generally, the closer your device is to the router the stronger your Wi-Fi signal.
For wired networks, plug a switch or Ethernet hub into an electrical socket with a high quality ethernet cable. Switches usually let you wire in up to eight devices using ethernet cables, assuming the devices have ethernet ports.
Tip: Security first!
Log into the routers online setup page to configure essential security settings. .
- Change the default SSID and password
- Enable WEP security
See our blogpost for more home network security tips.
#2 Access points
You May Like: How To Change Country In Google Play Store
Why Create Your Own VPN
With such a wide range of VPN services already available, setting up your own server might seem like a waste of time. However, there are quite a few advantages to the DIY approach:
- Fewer points of trust. With a paid VPN service, you pass all of your traffic through a third-party service operator and their cloud or network provider. When you set up your own server, you cut out the middlemanyour data is private between you and whoever provides your server.
- Lower cost and fewer limitations. In exchange for some setup time and being limited to a single region, making your own VPN server is cheap. Some cloud providers even offer fully-functional server hosting for free or provide significant sign-up credits. If you have a compatible router, setting up a VPN server on your router costs nothing.
- Access to your home network. If you set up your VPN server on your home router instead of in the cloud, youll be able to use your home connection. From printing on your personal printer to accessing files on your NAS, anything that works from home will work while connected to the VPN. You can travel and still have access to your digital resources at home.
- A good learning experience. Although you can set up your own VPN with relatively little computer knowledge, the process will introduce you to lots of concepts and technologies that are common in IT.
How Remote Access VPN Software Works
How exactly does Access Server accomplish this?
How remote access VPN works is this: you start with an already existing connection. The most logical and popular method of transporting info is the public internet so a VPN carries information there. But anything you send over the internet that isnt protected can be seen by any other people along that path. Anyone on your wifi network could eavesdrop on what youre doing. The only way to prevent that?
Encryption.
Thats what Access Server uses. Whatever you send out on your own Wifi, at your office, or somewhere in between, gets encrypted. That means only your device and the Access Server in your office know how to read it. To everyone else, its just a garbled mess.
Encryption is a pillar of VPNs. When connected to AS with your phone, any information you pull up becomes encrypted and unreadable only then does it goes on its merry way across the internet
While its in transit there, no one can understand it its simply garbled nonsense. Access Server, however, has keys to un-encrypt it, which is how it can read it. Any info then sent back to your device from Access Server is encrypted as well, so that anything that goes over that connection in either direction is unreadable to anyone else.
Lets look at an example.
Recommended Reading: How To Change VPN Location On Android
How Does A VPN Router Work
A VPN creates an encrypted and secure connection between the device its installed on and the internet. It gathers all of that devices requests to access the internet and directs them through its encrypted tunnel and VPN server so they cant be read or redirected.
Thats easy to understand when youre on a device with a user interface. Want to visit a website? You go through the tunnel. Want to video call your BFF? Through the tunnel. But what happens on a device with no user interface, like a router?
Once youve set up a router VPN, every single device connected to your router will have its traffic sent through the encrypted tunnel. Your PC, your laptop, your home entertainment system, and even your smart IoT toaster.
How To Set Up A VPN At Home On Windows 10
You will get a dialogue box with several fields that you need to till now.
The connection name, you can choose the name of the VPN connection provider and server location.
In the next field, you have to type the servers address that you will get with your VPN account.
Now, you can connect to the Wi-Fi network on Windows 10 through a quick launch.
Recommended Reading: Att Blocking VPN
Setting Up A VPN Server On A Router
Installing A VPN On Your Router
Before you set up the VPN on your router, youll need to verify a few things:
- Your router must support acting as a VPN client. Check the manufacturers website, search Google, or look through the configuration interface to figure out if it will work.
- If it doesnt, youll need to install third-party firmware. OpenWrt is a popular option with tons of useful features, including VPN support. Installing it can be an in-depth process, so set aside some time to do this.
- If your router doesnt work with VPNs natively and doesnt support other firmware, youll need to purchase a different one.
The process of setting up the VPN connection on your router will differ based on its brand and configuration software. Look in your owners manual or on the manufacturers website for specific instructions. However, it will probably look something like this:
Don’t Miss: How To Get A VPN On Xbox One
Work From Home During Covid
VPN is especially helpful during the current times when nearly every business is working from home in the wake of the COVID-19 pandemic. The key to an efficient operation during this unprecedented time is constant communication between team members. Its why video-conferencing services have seen a significant jump in new users.
In the professional space, a company has a local network that includes computers and other devices such as printers. Usually, a filesharing folder is also present to allow different teams to share files swiftly. VPN allows the employees to continue to access such resources when they are working from home by connecting to the companys VPN. This VPN is very private, and grants access through credentials provided by the company.
Home Network Ip Addresses
All of your devices will need an IP address.
This is provided automatically by a service called DHCP which, by default, is provided by the home router.
IP address provided by the DHCP server are known as dynamic addresses, as they can change. You can also assign addresses manually, and these are known as static addresses.
Static Addresses are not normally assigned but are often required when using Port forwarding.
They can be assigned on the network settings of the device, but preferably on the DHCP server using reserved addresses.
Additionally the addresses used on your home network are known as internal addresses.
When you connect to the Internet your device will use an external IP address. This address is the IP address of the router/hub. See Internal vs external IP addresses for a more detailed explanation.
Finding Your DNS, IP, MAC Addresses and Router IP Addess
You may need to find out what DNS servers you are using or the IP or MAC address of:
- Your Home Router.
The main tool you use is the ipconfig or ifconfig tool.
The screen shot below shows the ipconfig command use with the /all switch. i.e. ipconfig/all
Your home router is your gateway to the Internet. When viewing your configuration some devices refer to it as the default router whereas other use the term default gateway.
In the screen shot above it is 192.168.1.254
Recommended Reading: Is Protonvpn Legit
Pros And Cons Of Setting Up A VPN On Your Router
Compared to configuring a VPN on only some of your devices, setting one up on your router can be advantageous:
However, there are also some disadvantages of router-based VPN usage:
Youll need to balance the positives and negatives of using a VPN on your router in your particular situation. If you have a lot of devices and your router works out of the box, a router-based VPN might be a great choice. At the same time, if you have a data cap and an unsupported router, you should stick with per-device VPNs.