hi everyone im trying to use my openwrt router as a whole home vpn solution. i want any device that connects to my router to be on vpn. I dont want to have to setup each device. i want a vpn router thats whole home, easy, and more importantly accessible by only me. no 3rd party interaction at all. i cant find any information on setting it up. I would like step-by-step instructions to set this up. i have luci chaos calmer. i have a spare computer if i need one for a physical host. i consider myself an intermediate developer however i dont have any formal education so the little things fall through the cracks. any help is much appreciated.
Hey there Matt!
A few questions so that people can better help you:
- What router do you have now, or what is your budget?
- When you say "be on VPN", what does that mean to you? Who is connecting from where to where over VPN?
- What bandwidth do you have through your ISP?
- How much VPN bandwidth do you want / need to have?
i have a zbt we1626. i want my isp or anyone else to not be able to trace my traffic. id like to setup a server in my timezone with a different ip address. bandwith im not quite sure. i have cox communications. my apts handle the account so im sure its a basic package.
I would start with https://openwrt.org/docs/guide-user/services/vpn/wireguard as a quick overview.
You'll need to either purchase a remote VPN service, or set one up on a hosting service for the far end.
i want to not use anyone else. is it possible to setup my own hosting service? i have equipment.
Yes, you'll need a colo or other source of connectivity that is not traced the way that consumer-grade lines might be. The way that a VPN works is
you <= encrypted => your server <= open Internet => rest of world
so if that "open Internet" link is from Cox (or the like), you aren't gaining anything.
and i cant find wireguard through web gui. tried installing via command through ssh but no luck
so theres no way to setup whole home vpn without using anyone elses services? i dont like the risk of trusting anyone else to provide service. they say they dont keep logs but how can i be certain? i was hoping for a stand alone whole home vpn router. any optoions?
you'll need to install luci-proto-wireguard and then create a new Interface with Wireguard VPN as the protocol.
In terms of "rolling your own", you could try Algo VPN https://github.com/trailofbits/algo to set up the server on a cloud hosting provider.
A VPN redirects usage of the various users to have it publicly appear to originate from where the VPN server is located.
So if the "whole house" VPN server is inside the same house... it will be the same as just using the Internet without a VPN. In order to disguise what you are doing from your home ISP, you have to use a VPN server in a trusted other location. In that case you are running a VPN client at home, which can offer people on the LAN a shared connection through the VPN.
A potential usage case for having a VPN server at home is when you are away from home and want to use a service such as a streaming TV subscription that requires you to be on your home Internet. You can VPN back to the home and access your files, etc. or originate a TV connection from there, and actually watch the TV channel somewhere else. But I don't think this is what you are wanting.
luci-proto-wireguard isnt coming up in searches. neither is anythintg wireguard. does it run on,luci? and i thought you could setup a host with different ip address. does it need to be hard lined? i could use a wireless connection saeperate from my home
I don't think Wireguard is available on Chaos Calmer. OpenVPN may work for you, but performance will not be good on your router. You're using a very old device that doesn't appear to have current OpenWrt support (18.06.x). You may want to consider getting a newer device.
But before you get another device, you would want to figure out what your remote (far-end) connection will be (commercial VPN service, or some other server solution outside your home, etc.).
i have a solution for that. is there a link someone can send me with step by step openvpn server setup?
or can i upgrade to lede from luci?
I don't know... doesn't look likely based on the TOH -- all I see is a link for 15.05 (CC).
LEDE (17.01) may have Wireguard support, but you'll be better off with OpenWrt 18.06.x.
My suggestions would be:
- Read https://en.wikipedia.org/wiki/Virtual_private_network or similar to get a basic understanding of how VPNs work
- Decide if you want to purchase a VPN service from a provider or to provision a host somewhere outside of your home to be the end point
That last one will determine how complex the setup is.
The Wireguard link provided in my second post on this thread covers the configuration using current OpenWrt.
Wow... my point was that you can easily search for such guides -- there are tons of them out there and they show up immediately in the search engines. Take a look through those hits and then ask questions where you are stuck or need more info. (and yes, for the record, I did think it was cute and I also think that you might be overreacting, just a bit.)
I believe that this community is extremely friendly and helpful (eager to help just because we enjoy this stuff). I (and others here) have already pointed you to some useful information, but it is best if you do some searching on your own and then ask specific questions rather than asking us to provide it to you.
i have researched and that is why i am reaching out to the forums. I found the learning material provided to be vastly overwhelming and am seeking a more simple guide. guess people that live at 42 wallaby way just arent helpful. suppose ill just keep swimming......back to my anemone.
how is using tor? is it comparable to openvpn? the package is available in luci.