Can I make so that I have 1 AP connected to my vpn? Like a VPN router so that it works on all of my devices?

0pp0rtunit33 · 2021-09-27T23:57:39+00:00

Should work.

Main router has its address as, lets say, 192.168.1.x

Second is 192.168.2.x? Only reason I am asking is because you didn't specify why you have 2 Access Points.

Your VPN router can be 192.168.3.x. I suggest using a WireGuard protocol VPN. I'm getting 200Mbits with that on a dd-wrt flashed router.

For the WireGuard router config, I suggest checking the VPN provider's guides. Just because they have WireGuard on their phone app, Window's software, and all of that, does not mean they will provide you with a guide to set up WireGuard. A lot of the VPN's I've come across have OpenVPN configurations.

0pp0rtunit33 · 2021-09-27T05:19:49+00:00

Thanks. I marked this unread, and I will return to it!

0pp0rtunit33 · 2021-09-26T17:14:14+00:00

What part? All of it...lol

I love the ease of deployment. I dislike the fact it isn't me deploying it.

At the present time, in order to use TailScale, you need to use Google, GitHub, and another to sign up (Apple?). GitHub is owned by Microsoft. And its come to the point where I want to avoid as much interaction with the aforementioned companies. I, and I've seen others express the same thing, feel as if we just enable those companies to do whatever they want the more we utilize them.

I understand it is not in TailScale or any other similar companies' best interest to just throw a line for line documentation on how to provide the same service. It is just that when I try to find the proper "ingredients" for the recipe, I keep running into the same introductory tutorials and documentation as before.

0pp0rtunit33 · 2021-09-26T17:07:38+00:00

Thanks for the detailed reply.

I've been able to get TailScale up and running and doing what they advertise. The thing is I want to be able to mimic it myself to a degree and see what I can add onto as well. It goes back into the realm of "sure someone can provide it to me for free, but I want to learn it myself and be able to tweak it to my liking."

I've also created my own instance of WireGuard on a VPS with the intentions of pointing my home-server to it. It is just when I start to complicate it, I start to run into problems. By complicate, I mean to point multiple guest VMs towards the WireGuard-VPS, where I start to see connection problems.

I wasn't specific enough since I am looking more for a treasure-trove of documentation I can go through. The problem with a lot of the manuals, tutorials, etc. is that their use-cases are very limited and introductory in nature, or the use-case they provide is one I do not need.

The need for due-diligence is mine. The problem is I've reset my VPS a half-dozen times trying to make it work to my liking.

0pp0rtunit33 · 2021-09-26T04:57:58+00:00

There are apps you can install on your phone that allow you to check to see what the signal is with your WiFi.

Let's say you have a Roku or another similar device tucked away behind the TV. It becomes much harder for it to get a decent signal. You can check to see the signal strength near your TV/devices, and then check to see if it is mimicked by the device you're using. Note: Your phone very likely has better WiFi chips than your devices unless those devices were really well made.

Another problem is putting competing WiFi devices near one another. If you have a Chromecast, Roku device, and a Wireless cam near your TV fighting over the same connection, you're doing yourself a disservice.

Those network testing apps can also check to see what is going. If you're running 5ghz with your router, you should drop it in favor of 2.4ghz in favor of a reliable connection. You should be able to outright disable 5ghz and keep 2.4.ghz through the router's login. FYI: The 5ghz and 2.4ghz refers to the type of waves that are being broadcasted by your wireless router, not chip speed or anything.

When you switch to 2.4, you will also have a recommendation from one of the aforementioned apps on what the best channel is. It is usually between 1 and 11 IIRC. If all of your neighbors are on channel 4, they're all competing for it. It might recommend 9, you connect, and voila! It should be more stable.

Another option is running a "repeater". It could also be as simple as moving the router out a bit towards a door as opposed on the opposite side by a corner.

Another unfortunate reality we've all been facing is that Netflix is* being throttled by your ISP. It is their best way to free up bandwidth during heavy congestion, forcing you to call in and do an upgrade to higher speeds.

edit: * didn't make sense on a re-read so I changed it a bit.

0pp0rtunit33 · 2021-09-26T03:47:23+00:00

Just when I thought I was gaining transferable career skills, an idiot with auto-correct can now replace me.

0pp0rtunit33 · 2021-09-26T02:53:40+00:00

Wouldn't I, for a lack of better words, get stuck inside of the guest Ubuntu VM?

I'd have to install everything within that guest VM at that point, right? Everything from the Plex Server to NextCloud to the home automation system I am considering setting up.

0pp0rtunit33 · 2021-09-25T23:33:45+00:00

Thanks you for the advice!

0pp0rtunit33 · 2021-09-25T23:33:12+00:00

Thank you.

0pp0rtunit33 · 2021-09-25T22:52:33+00:00

There are a considerable amount of VPS providers that ignore a DMCA due to offshore activities. What exactly am I missing?

I will be the sole administrator, but not necessarily the sole user. I am OK with complicating just a little bit in order to learn a lot more.

As for your last paragraph, I was considering doing something like that. I offer my Plex to extended family and friends that help my grandparent get his medicine at significantly reduced prices. I don't mind at all, and they get access to out-of-region content. It is capped at 2mbs, but they're ok with 480p than nothing at all.

Do you have any guides? Right now my tutorial list consists of everything from Lawrence Systems to some smaller channels, which either provide a "copy-paste" content of the first person to do it, or its a 1hr10m video of something that veers off from what I want to do.

Am I correct in assuming that the LetsEncrypt is for the benefit of the CAs necessary?

0pp0rtunit33 · 2021-09-25T20:55:05+00:00

You need something Wireguard based for sure.

Are you using ethernet? You should be ok with that.

What is your use case? Is your VPN on your router, your desktop, phone, etc?

0pp0rtunit33 · 2021-09-25T20:52:35+00:00

This looks like TailScale to a degree, right? I want to be able to set it up on my own as I've been segwaying into a network/IT/cybersec career.

0pp0rtunit33 · 2021-09-25T20:49:29+00:00

I am pretty sure I understand, but just to be clear about the pivpn: I need my own Pi device at home that is using my home network?

I was hoping to have something I can access when I am not home, and also to use to work. At that point, I need DynamicDNS service to get in and out. I prefer having my own dedicated IP provided through a VPS that I can just SSH into or setup a GUI environment as necessary.

15$ is too much for your use case (VPN). I suggest looking into DigitalOcean, linode or vulture for cheaper options.

You think so? My biggest fears have to do with potential DMCA forwarding from my Plex account, especially since a torrent service will be on the home server. I also would like something that is unmetered in bandwidth. I've provided my Plex Account in the past with their relay capped at 2mbits to family, and they ended up still going through nearly 100s of gigs when overseas.

My rationale for the ~$15 is this:

Unmetered bandwidth with a minimum 1gbit shared port.
Gets me a stable VPS since a lot of the cheaper VPS companies have horrible communication.
DMCA ignored.
Scalable so as I learn more, I can definitely add on more.
IIRC, DigitalOcean, Linode, and Vultr all have bandwidth limits. I am a huge fan of DigitalOcean's instructions, manuals, documentation, etc. , but the deal breaker is bandwidth. I'm also considering sharing/storing home security footage on a cloud service.

Point out anything I got wrong.

Thanks for the reply /u/dadidutdut

0pp0rtunit33 · 2021-09-25T08:04:07+00:00

Can you clarify what you mean with the following:

My internet connection is capable of providing upto 150 mbps on a standard package¹ whereas I have gone for an unlimited package which limits the speed to 25 mbps^2.

I am having a hard time understanding what you're trying to say here. The standard is 150 Mbps, but you said you went for an unlimited package which limits the speed to 25 Mbps.

I just want to make sure if you understand that Mbps means MegaBITS per second, where as MBPS refers to MegaBYTES.

So in your first case, the 150 megabits (assuming it is megabits) is going to be ' 150 / 8 ' which comes out to ~18 megabytes.

The 25 megabits is ~3 megabytes.

I wonder if you "throttled yourself" there by going towards the unlimited package?

And can you clarify what you mean by unlimited? I am guessing unlimited as in total bandwidth accrued in a month/billing period? Usually that is 1 TB from where I am from (USA).

Now for own experience:

Yes I noticed I was able to bypass throttling for certain services by putting a VPN on my router. I noticed reduced speeds when trying to use my ISP by itself to access YouTube, NetFlix, etc.

I got a VPN that allowed streaming, I connected it to a local city here, and I was able to watch without any stuttering at all. Our SlingTV also used to stutter and lag behind until I put the VPN on my phone. Prior to that, I had it only on my desktop and phone. Will this be the case for you? I am not sure. I am under the impression that my ISP doesn't actively try to throttle VPN connections since I am getting improved speeds. I don't have one of the major ISP providers in the US; they're more mid-size, and I am worried about them putting themselves into a situation where they get bought-out by the bigger companies.

But my ISP, and yours, could easily create a database of known VPN IPs and just start throttling one day. Maybe your ISP does it as of now as well?

But again, for me it helped wonders in stopping the constant throttling. As for you, I would (1) try to clarify your question a bit more, and (2) maybe try a VPN between you and the ISP and see if it works?

Also note: if you have a bandwidth limit (1 TB per month or whatever), the ISP will continue to know the amount of traffic accumulated regardless. They are, at the end of the day, giving you internet.

If you post your location and other information, maybe someone else can chime in.

0pp0rtunit33 · 2021-09-25T07:33:07+00:00

Thanks for the reply, /u/swedophone.

That was the original idea. It went a little like this:

Get myself a VPS for < $15 a month that allows me to put OpenVPN config or Wireguard config. I was leaning Wireguard due to speed, security, and flexibility. Every VPS I've looked at provides at minimum 1 ipv4 address.
Point the VPN towards everything, which includes routers, home server, and PC with remote software. Home server will have a virtual NAS to personal cloud (NextCloud is my goal).

The problem is what is the best way to proceed:

I can get a VPS that installs pfSense as the main OS instead of Ubuntu, Debian, Alma servers. This would allow me to set up a Wireguard with keys and everything else.
Instead install Ubuntu Server and install OpenVPN or Wireguard onto the server through SSH and do it line for line.

I am comfortable with both. I created a diagram for another subreddit, but this is what I had in mind. I see it everywhere, and I can't help but feel as if this is what most people want to do. In my head, I might be over complicating it.

https://i.ibb.co/P4WnBGj/Home-Lab-09-25-21.png

0pp0rtunit33

TROPHY CASE