I am using a virtual instance of Openwrt to use Wireguard with Proton VPN. This instance is behind a Asus router that serves my whole network. The devices serviced by this Openwrt instance are LXC's sharing a virtual bridge in proxmox. VPN within the Openwrt subnet for the LXC's is working.
ISP Modem --> Asus Router on subnet 1 --> Openwrt VM --> containers on subnet 2.
Will my isp be able to see the traffic flowing from the virtual Openwrt VM?
Should I just make my Asus router be a use wireguard client?
Will adjusting the dns server to my VPN dns make a difference?
Thank you!
If the OpenWrt guest VM and the entire VM host environment is configured properly, everything that egresses from that VM system will be encrypted via a tunnel to the VPN provider's endpoint. Your ISP won't be able to see anything (from those devices) aside from the tunnel itself to Proton.
Generally, I'd say yes to this. But it does depend on a number of factors, and if your Proxmox system is the only thing that should be VPN'd, maybe it's easier to do it there.. However, be aware that routing within VMs can be tricky and you have to have both the router and the host system properly configured.
Everything will go through the tunnel, so using the VPN's DNS is an option, but you can use any public DNS you want, too. This comes down to preference.
Thank you for your help. When I log onto my Asus router, it can find the ip of the Openwrt router on my promox. Am I to understand that the information traveling through this ip and out my asus router is just showing the isp "proton vpn traffic'?
When I log onto a debianserved by openwrt and go to ip.me, it shows my vpn ip.
but obviously, when i use a device outside the openwrt devices, i see my isp issued ip.
Yup... if it couldn't, the OpenWrt VM wouldn't be able to contact the outside world at all.
Yup, as long as you've configured things properly.
and it sounds like it is configured correctly.
Yup. As expected.
you're welcome.
If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks!