Router with VPN

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
Topic Author
antiqueman
Posts: 526
Joined: Thu Mar 12, 2009 5:22 pm

Router with VPN

Post by antiqueman » Wed Apr 24, 2019 1:30 pm

I know very , very little about technology. I have decided I probably need a VPN to at least try to add security to my online brokerage and bank transactions. I also need a router because my internet wifi device does not have a signal strong enough to carry the signal throughout my 3500 sq ft house.

So I think I need a good wifi router with a built in VPN if possible. Can routers be purchases with a vpn? If so , what companies make them? Is there an extra monthly charge for use of a VPN?

Any help on these issues would be appreciated.

Thanks.

bloom2708
Posts: 6352
Joined: Wed Apr 02, 2014 2:08 pm
Location: Fargo, ND

Re: Router with VPN

Post by bloom2708 » Wed Apr 24, 2019 2:24 pm

I would look at a 1, 2 or 3 port mesh router system like Google Wi-Fi. You buy as many units as you need to cover your house. We have 1 unit on each floor. 3 units total.

https://computers.woot.com/offers/googl ... cnt_wp_1_4

A VPN routes traffic through the VPN providers servers. The router will not have a built in VPN.

You would purchase a VPN and they tell you what settings to adjust in the settings of your router.

If you use strong passwords, 2 factor authentication and your few/limited devices on your network/router, I do not think a VPN will add anything to secure your transactions.

A VPN might be used to filter out adult content, restrict website access and similar for keeping kids/teens out of trouble when on the network.

Here is an example of a VPN provider:

https://www.purevpn.com/why-purevpn

I have no experience with any of them. I use a strong WPA-PSK password on our router and 2 factor authentication with strong passwords.
"We are not here to agree with you; we are here to provoke thoughtfulness." Unknown Boglehead

HawkeyePierce
Posts: 298
Joined: Tue Mar 05, 2019 10:29 pm
Location: New Zealand

Re: Router with VPN

Post by HawkeyePierce » Wed Apr 24, 2019 2:34 pm

A VPN will not add any security to your online banking. No need to bother.

FreemanB
Posts: 285
Joined: Thu May 22, 2014 5:55 am

Re: Router with VPN

Post by FreemanB » Wed Apr 24, 2019 2:51 pm

A VPN can be useful when you don't trust the network you are connected to, such as when using hotel or public WIFI networks, but honestly, I'd just avoid doing anything sensitive while on those networks anyway. There's no security reason to use one on your own private network.(It can still be used to hide activities, but it won't realistically add security)

There are multiple solutions to providing WiFi to a larger home. Mesh routers are popular, but I used MoCA adapters to provide a network connection to multiple places in my home using existing coax lines, then used a second WiFi router connected to one of them to provide additional coverage. Since I already had Verizon Fios routers(Which use MoCA by default), it was easiest way for me to extend my network.

User avatar
prudent
Moderator
Posts: 6511
Joined: Fri May 20, 2011 2:50 pm

Re: Router with VPN

Post by prudent » Wed Apr 24, 2019 4:53 pm

Topic moved to Personal Consumer Issues.

jminv
Posts: 896
Joined: Tue Jan 02, 2018 10:58 pm

Re: Router with VPN

Post by jminv » Wed Apr 24, 2019 5:12 pm

antiqueman wrote:
Wed Apr 24, 2019 1:30 pm
I know very , very little about technology. I have decided I probably need a VPN to at least try to add security to my online brokerage and bank transactions. I also need a router because my internet wifi device does not have a signal strong enough to carry the signal throughout my 3500 sq ft house.

So I think I need a good wifi router with a built in VPN if possible. Can routers be purchases with a vpn? If so , what companies make them? Is there an extra monthly charge for use of a VPN?

Any help on these issues would be appreciated.

Thanks.
No real reason for a VPN router system at home in the states for that. As others have said, if you want more coverage in your house consider a mesh network. You could go for AmpliFi, I like the company that makes them.

In any case, if you want a VPN, ExpressVPN has one of the simplest router VPN installations. They also allow 4 connections so you can use it on your router and 3 other devices at the same time (ie laptop, phone, tablet).
https://www.expressvpn.com/vpn-software/vpn-router
Look at step 3 and see if your router is supported. If it's not, get one that is or look farther down and see the section on manual installation. Click your router brand and see if you're comfortable doing it.

If you use a streaming service such as Netflix, Amazon, or HBO Now, be aware that a VPN can cause problems, including the inability to watch anything. If you're using Express VPN, you need to connect to the Washington DC server to avoid this. I use this to watch programs overseas, which is also why the streamers try to block VPNs that are designed to help us expats do that.

3504PIR
Posts: 772
Joined: Mon Jul 26, 2010 2:46 am

Re: Router with VPN

Post by 3504PIR » Wed Apr 24, 2019 7:04 pm

I had a router with a built in VPN, soit is possible. I bought the router package through strong vpn. I think it is much cheaper now just to purchase a vpn service and enable that on your devices than to go the router route these days. But it certainly is possible. Look at strong vpn. They used to sell routers with embedded vpn coding.

bampf
Posts: 298
Joined: Thu Aug 04, 2016 6:19 pm

Re: Router with VPN

Post by bampf » Thu Apr 25, 2019 5:46 am

A lot of people telling you what you need or don't need but not answering your question. ExpressVpn has a router with vpn. It works and it works well.

Edit: I just noticed Jminv said the same thing. He is correct. I stopped reading after the "you don't need it" which in retrospect was a poor choice.

mrmass
Posts: 213
Joined: Thu Jul 26, 2018 6:35 pm

Re: Router with VPN

Post by mrmass » Thu Apr 25, 2019 5:54 am

You could also consider turning on your phone's hotspot and connecting your computer via wireless to that phone-then you'd be connecting to the internet--->bank via your cell network (4G, 5G, how many G's do we need). This avoids connecting to a possibly less secure wifi connection.

typical.investor
Posts: 927
Joined: Mon Jun 11, 2018 3:17 am

Re: Router with VPN

Post by typical.investor » Thu Apr 25, 2019 7:06 am

3504PIR wrote:
Wed Apr 24, 2019 7:04 pm
I had a router with a built in VPN, soit is possible. I bought the router package through strong vpn. I think it is much cheaper now just to purchase a vpn service and enable that on your devices than to go the router route these days. But it certainly is possible. Look at strong vpn. They used to sell routers with embedded vpn coding.
I agree.

NordVPN for instance has great clients (ios, android, OSX, windows, linux etc etc) that make it super easy to connect.

I run a VPN router, but the clients are better.

Watching HULU overseas is a bit of cat-and-mouse where the working servers change because HULU does something, and with a client you try another server so easily. The router then needs to be reconfigured which isn't so difficult, but it's much more time consuming for the router to reboot to try another server. There is a list of which servers to use, but as stated media alters things.

I stick with it since ChromeCast needs VPN on the wifi.

Anyway, for banking the potential problem with simply using a client is not turning the VPN on. You can set a kill switch though, so nothing connects if the VPN clients isn't working.

Also, preconfigured routers are more expensive.

I bought a normal one and installed DD-WRT. Not all can do it though, you need to consult a list.

The NETGEAR R6700 looks pretty good.

https://www.lifewire.com/best-dd-wrt-routers-4160687

michaeljc70
Posts: 5200
Joined: Thu Oct 15, 2015 3:53 pm

Re: Router with VPN

Post by michaeljc70 » Thu Apr 25, 2019 9:29 am

You would get a router that supports a VPN and then purchase (or possibly use a free) a VPN service and input the credentials they give you in the router settings. Many routers support this now so I would look at mesh router reviews since you have a big house and then look for the vpn feature rather than the other way around. What I would watch out for is the ability to bypass the VPN. Many sites do not work with VPNs and you won't have access if you cannot bypass it easily.

I have a VPN on each of my devices for use when needed rather than on my router.

Luke Duke
Posts: 861
Joined: Tue Jun 18, 2013 11:44 am
Location: Texas

Re: Router with VPN

Post by Luke Duke » Thu Apr 25, 2019 9:52 am

FreemanB wrote:
Wed Apr 24, 2019 2:51 pm
A VPN can be useful when you don't trust the network you are connected to, such as when using hotel or public WIFI networks, but honestly, I'd just avoid doing anything sensitive while on those networks anyway. There's no security reason to use one on your own private network.(It can still be used to hide activities, but it won't realistically add security)
This. Netgear Nighthawk routers have built-in VPN via OpenVPN so you can connect through your home network while on the road.
http://www.amazon.com/R7000-100PAS-Nigh ... Compatible

LawyersGunsAndMoney
Posts: 132
Joined: Tue Aug 02, 2016 2:00 pm

Re: Router with VPN

Post by LawyersGunsAndMoney » Thu Apr 25, 2019 10:13 am

Any halfway decent router will support VPN, you just have to subscribe to a VPN (I use Private Internet Access) and follow instructions for how to access the router's setup portal and make the adjustment.

Honestly, it is much easier to just use VPN software on your computer and be mindful of connecting when banking.

The downside of setting up VPN through your router will be that your internet speeds will be slower than they were before, you will have to choose which VPN server to connect to, and that server may be fast some times, and slow other times. It may also be IP blacklisted by certain websites.

When you are using a VPN connection via software on your computer, its easy to change the server you're connecting to if its running slowly or is blacklisted by, say, an e-commerce site you want to buy from. When it's progammed into the router, it becomes a more annoying issue.

TravelGeek
Posts: 3012
Joined: Sat Oct 25, 2014 3:23 pm

Re: Router with VPN

Post by TravelGeek » Thu Apr 25, 2019 10:33 am

Luke Duke wrote:
Thu Apr 25, 2019 9:52 am
FreemanB wrote:
Wed Apr 24, 2019 2:51 pm
A VPN can be useful when you don't trust the network you are connected to, such as when using hotel or public WIFI networks, but honestly, I'd just avoid doing anything sensitive while on those networks anyway. There's no security reason to use one on your own private network.(It can still be used to hide activities, but it won't realistically add security)
This. Netgear Nighthawk routers have built-in VPN via OpenVPN so you can connect through your home network while on the road.
http://www.amazon.com/R7000-100PAS-Nigh ... Compatible
I think people are mixing different use cases in this thread.

1. Router connects to VPN provider; all the traffic from the home network going to the internet is “protected” to the VPN provider.

2. Router provides ability to connect *to* the home network from a remote location via VPN (and the back out to the internet if needed, so your home network beccomes your trusted VPN provider). This protects the connection from your hotel/coffee shop to your home network.

I personally don’t see much value in #1. What does it protect me from? Maybe it hides my internet (browsing) activities from my internet provider (SSL protects traffic is already encrypted), but now instead that information is available to some VPN provider that I don’t necessarily have reason to trust more.

I haven’t set up #2 yet, but expect to use that soon.

mouth
Posts: 159
Joined: Sun Apr 19, 2015 6:40 am

Re: Router with VPN

Post by mouth » Thu Apr 25, 2019 10:51 am

OP, you really need to consider what it is you're trying to protect against. If you're surfing from home the questions are, 1) do I trust my machine? and 2) do I trust the network my data is transiting? You also have to wonder if you trust the end-point but you have little to no control over that outside of using HTTPS and trusting the certificate authority chain of trust (more on that later)

So lets get #1 out of the way because it is going to be the same in all scenarios ...

First ensure all software is up to date with the latest security patches. When push comes to shove, the risk of patching early and getting caught out by an undiscovered bug is less than patching late and getting caught out by a bug that is known and weaponized. Also, it is CRUCIAL that you are not logged in as an admin user. You might not realize it but the default install of Windows gives your account elevated privileges that you DO NOT NEED OR WANT. The only time you want to have those privileges is when you intend to do certain things and it is a good thing that you might need to take an extra step to make it happen. So the trick is to create another user, like mouth-admin with admin privileges and then downgrade your usual account to a "standard users". Good general instructions are here https://www.windowscentral.com/how-chan ... windows-10

Next, your browser. There's good reason to worry about your browser and how it stores and exposes data with potentially malicious websites you visit. There are a few techniques to deal with this but the easiest is to use two different browsers. One for causal browsing and the other for sensitive browsing. And for the sensitive one, beyond talking nicely to it, you want it to have no 3rd party extensions or plug-ins at all and you'll want to clear ALL history, cache, cookies, etc on close. An alternative is a container browsing session, not to be confused with a private session. A container session really and truly isolates from your other browsing sessions. Best of all, you don't need two browsers. I think Chrome has that feature, but I know Firefox does. Regardless, the thing you're trying to do is ensure no malicious web pages can snatch up anything from your ongoing or past sensitive browsing session. https://wiki.mozilla.org/Security/Conte ... Containers

Okay now #2 ...
As for the network, a VPN is of zero use EXCEPT when you are not at home. Then, and only then, does using a VPN afford any additional protection. What types of protection can they provide? Simple, it provides protection between your client, and the VPN exit node; but not all the way to the website your visiting! When I travel overseas, or use any local wifi, I use a home-roled OpenVPN server to connect back to my home server. For that part of the trip all my data is protected by the VPN in addition to HTTPS. Once it exits my server it's still wrapped in an HTTPS blanket, but at that point I'm trusting Verizon and every other node between them and my destination to be trustworthy and not attempt a Man-In-The-Middle (MITM) attack. If I don't trust that, then my VPN won't help me and I'm screwed either way even from home.

Let me just add, that if you're concerned about someone breaking HTTPS security outside of a MITM attack, you have bigger concerns than drive-by-hacking, you're worried about state-level attackers. And this is the wrong place to be asking these questions ... probably your therapist can help you best ;-)

So this is why your desire for a VPN to protect brokerage transactions is a bit off. Even if you choose to purchase VPN services (because the free ones have shown to be hard to trust) which you will then connect to via your router, you still have to trust 1) the VPN service and 2) every other node between them and your brokerage. Do you? Why? Why Not? Why do you trust your VPN service and its network backhaul more than your home ISP?

So the only way to be sure is to encrypt all data at both end points, your computer and the brokerage servers. Well HTTPS and Certificate Authorities is your end-to-end encryption solution.

But what about MITM attacks??? I'll save myself some typing by just pointing you to the very useful wikipedia page https://en.wikipedia.org/wiki/Man-in-the-middle_attack

The solution isn't perfect, that's for sure. But it's important to understand that VPN will not reduce your risk of MITM attacks nor the risk of your client leaking information.

So why do corporations use VPN? Simple, they control both ends points. When I VPN into my firm's network I know I'm protected by that VPN tunnel the entire way and no one should be able to tamper with the connection from end-to-end.

An interesting aside on the topic of MITM "attacks" is working for the federal government. When I surf to my gmail account from my work computer and inspect the certificates, it is very easy to see (they don't try to hide it), that the government servers are performing a MITM certificate switcheroo along the path. Google doesn't complain about it because the certificate is still considered signed by a Certificate Authority and my browser doesn't complain about it for the same reason. Why do they do it? They want to scan all traffic for malware and probably keyword searches to catch bad actors. It's the price I pay for using personal email on a government computer. But beyond that single security node where the government is inspecting my traffic, it is otherwise HTTPS security the whole way.

dsmclone
Posts: 343
Joined: Fri Oct 25, 2013 8:50 am

Re: Router with VPN

Post by dsmclone » Thu Apr 25, 2019 1:55 pm

michaeljc70 wrote:
Thu Apr 25, 2019 9:29 am

I have a VPN on each of my devices for use when needed rather than on my router.
Same here. 99% of the time I don't need it so there is no use in hurting my speed 100% of the time.

typical.investor
Posts: 927
Joined: Mon Jun 11, 2018 3:17 am

Re: Router with VPN

Post by typical.investor » Thu Apr 25, 2019 5:25 pm

TravelGeek wrote:
Thu Apr 25, 2019 10:33 am
Luke Duke wrote:
Thu Apr 25, 2019 9:52 am
FreemanB wrote:
Wed Apr 24, 2019 2:51 pm
A VPN can be useful when you don't trust the network you are connected to, such as when using hotel or public WIFI networks, but honestly, I'd just avoid doing anything sensitive while on those networks anyway. There's no security reason to use one on your own private network.(It can still be used to hide activities, but it won't realistically add security)
This. Netgear Nighthawk routers have built-in VPN via OpenVPN so you can connect through your home network while on the road.
http://www.amazon.com/R7000-100PAS-Nigh ... Compatible
I think people are mixing different use cases in this thread.

1. Router connects to VPN provider; all the traffic from the home network going to the internet is “protected” to the VPN provider.

2. Router provides ability to connect *to* the home network from a remote location via VPN (and the back out to the internet if needed, so your home network beccomes your trusted VPN provider). This protects the connection from your hotel/coffee shop to your home network.

I personally don’t see much value in #1. What does it protect me from? Maybe it hides my internet (browsing) activities from my internet provider (SSL protects traffic is already encrypted), but now instead that information is available to some VPN provider that I don’t necessarily have reason to trust more.

I haven’t set up #2 yet, but expect to use that soon.
As for #2, doesn’t running a VPN client on your device accomplish the same thing?

But instead of going hotel/cafe/wherever to home to the VPN server, you are going hotel/cafe/wherever to the VPN server.

You don’t need a VPN on your home router to protect you in a hotel or cafe.

I don’t see what it accomplishes. Am I missing something?

TravelGeek
Posts: 3012
Joined: Sat Oct 25, 2014 3:23 pm

Re: Router with VPN

Post by TravelGeek » Thu Apr 25, 2019 6:00 pm

typical.investor wrote:
Thu Apr 25, 2019 5:25 pm

As for #2, doesn’t running a VPN client on your device accomplish the same thing?
You run a VPN client on your device no matter what. You either configure it to connect to a server operated by some VPN service provider or you configure it to connect to your own VPN server on your home router.

Why would you route through home? Maybe because you trust your ISP at home more than a VPN provider (there are dozens and it seems difficult to evaluate their trustworthiness, especially the “free” one). Maybe because it’s free.

gpburdell
Posts: 174
Joined: Sun Jun 17, 2012 9:01 pm

Re: Router with VPN

Post by gpburdell » Fri Apr 26, 2019 12:06 am

HawkeyePierce wrote:
Wed Apr 24, 2019 2:34 pm
A VPN will not add any security to your online banking. No need to bother.
+1 The VPN encrypts the traffic from your device to the VPN provider. Once it leaves the provider it is just normal traffic again.

I only use VPN at home when I'm trying to get around sites that geo block content or if for some reason I wanted to hide my real IP address. I do this on my devices and not the router. Some devices don't allow VPN clients (i.e. Roku) so if I wanted it for that then you could setup on your router but then all traffic will go through the VPN which isn't ideal.

Dakotah
Posts: 83
Joined: Sun Jun 13, 2010 9:28 pm

Re: Router with VPN

Post by Dakotah » Sat Apr 27, 2019 8:44 am

typical.investor wrote:
Thu Apr 25, 2019 5:25 pm
TravelGeek wrote:
Thu Apr 25, 2019 10:33 am
Luke Duke wrote:
Thu Apr 25, 2019 9:52 am
FreemanB wrote:
Wed Apr 24, 2019 2:51 pm
A VPN can be useful when you don't trust the network you are connected to, such as when using hotel or public WIFI networks, but honestly, I'd just avoid doing anything sensitive while on those networks anyway. There's no security reason to use one on your own private network.(It can still be used to hide activities, but it won't realistically add security)
This. Netgear Nighthawk routers have built-in VPN via OpenVPN so you can connect through your home network while on the road.
http://www.amazon.com/R7000-100PAS-Nigh ... Compatible
I think people are mixing different use cases in this thread.

1. Router connects to VPN provider; all the traffic from the home network going to the internet is “protected” to the VPN provider.

2. Router provides ability to connect *to* the home network from a remote location via VPN (and the back out to the internet if needed, so your home network beccomes your trusted VPN provider). This protects the connection from your hotel/coffee shop to your home network.

I personally don’t see much value in #1. What does it protect me from? Maybe it hides my internet (browsing) activities from my internet provider (SSL protects traffic is already encrypted), but now instead that information is available to some VPN provider that I don’t necessarily have reason to trust more.

I haven’t set up #2 yet, but expect to use that soon.
As for #2, doesn’t running a VPN client on your device accomplish the same thing?

But instead of going hotel/cafe/wherever to home to the VPN server, you are going hotel/cafe/wherever to the VPN server.

You don’t need a VPN on your home router to protect you in a hotel or cafe.

I don’t see what it accomplishes. Am I missing something?
The primary purpose of #2 is to enable you access resources that remain on your home network. Say, for example, you have a Network Attached Storage (NAS) device at home that contains files that you want to have access to while you are out on the road. VPN'ing into your home router will allow you to securely access your NAS regardless of where you are. Secondarily, your home-router VPN can act as that VPN-provider to enable "hot-spot" protection while you are at the hotel/cafe/wherever. This is, in my opinion, preferable to using the free/subscription VPN services...because using them opens up a host of largely-unknowable vulnerabilities depending on the policies and trustworthiness of the providers.

typical.investor
Posts: 927
Joined: Mon Jun 11, 2018 3:17 am

Re: Router with VPN

Post by typical.investor » Sat Apr 27, 2019 9:10 am

Dakotah wrote:
Sat Apr 27, 2019 8:44 am
typical.investor wrote:
Thu Apr 25, 2019 5:25 pm
TravelGeek wrote:
Thu Apr 25, 2019 10:33 am
Luke Duke wrote:
Thu Apr 25, 2019 9:52 am
FreemanB wrote:
Wed Apr 24, 2019 2:51 pm
A VPN can be useful when you don't trust the network you are connected to, such as when using hotel or public WIFI networks, but honestly, I'd just avoid doing anything sensitive while on those networks anyway. There's no security reason to use one on your own private network.(It can still be used to hide activities, but it won't realistically add security)
This. Netgear Nighthawk routers have built-in VPN via OpenVPN so you can connect through your home network while on the road.
http://www.amazon.com/R7000-100PAS-Nigh ... Compatible
I think people are mixing different use cases in this thread.

1. Router connects to VPN provider; all the traffic from the home network going to the internet is “protected” to the VPN provider.

2. Router provides ability to connect *to* the home network from a remote location via VPN (and the back out to the internet if needed, so your home network beccomes your trusted VPN provider). This protects the connection from your hotel/coffee shop to your home network.

I personally don’t see much value in #1. What does it protect me from? Maybe it hides my internet (browsing) activities from my internet provider (SSL protects traffic is already encrypted), but now instead that information is available to some VPN provider that I don’t necessarily have reason to trust more.

I haven’t set up #2 yet, but expect to use that soon.
As for #2, doesn’t running a VPN client on your device accomplish the same thing?

But instead of going hotel/cafe/wherever to home to the VPN server, you are going hotel/cafe/wherever to the VPN server.

You don’t need a VPN on your home router to protect you in a hotel or cafe.

I don’t see what it accomplishes. Am I missing something?
The primary purpose of #2 is to enable you access resources that remain on your home network. Say, for example, you have a Network Attached Storage (NAS) device at home that contains files that you want to have access to while you are out on the road. VPN'ing into your home router will allow you to securely access your NAS regardless of where you are. Secondarily, your home-router VPN can act as that VPN-provider to enable "hot-spot" protection while you are at the hotel/cafe/wherever. This is, in my opinion, preferable to using the free/subscription VPN services...because using them opens up a host of largely-unknowable vulnerabilities depending on the policies and trustworthiness of the providers.
I see. That doesn’t work for me.

I need to fake being in the US for things like Obama-care. More and more sites are disallowing access from outside the country.

No I don’t need healthcare in the US, but my minor child does.

And I doubt my ISP is any more trustworthy or secure than NORDVPN.

And if your home-network goes down (power, pet pulled cable, building maintenance ...whatever) while you are traveling .... I prefer customer support.

By the way. Netflix UK has better programming the the US in my opinion. Discovered that by chance and was glad I did.

Post Reply