on 27-09-2021 19:24
I am toying with the idea of purchasing a VPN and I'm thinking, if I can apply it directly to my Super Hub 3, then all of my appliances will be covered in one hit. My question is, can it be done, if so, how? I also have several Zigbee Smart Bulbs around the house, I assume these won't be affected?
Any help and guidance will be appreciated.
Thanks in advance.
on 27-09-2021 19:36
It can't be done, no.
on 28-09-2021 06:33
You could be a VPN Router and put your SH3 into modem mode.
@Pilkie wrote:I am toying with the idea of purchasing a VPN and I'm thinking, if I can apply it directly to my Super Hub 3, then all of my appliances will be covered in one hit. My question is, can it be done, if so, how? I also have several Zigbee Smart Bulbs around the house, I assume these won't be affected?
Any help and guidance will be appreciated.
Thanks in advance.
28-09-2021 06:53 - edited 28-09-2021 06:53
Whilst @ozsat 's comments are the best way to go, VPNs do require significant CPU grunt so a higher end router would be required.
What type of VPN are you wanting to setup? (incoming client server or VPN endpoint)
on 28-09-2021 11:39
I have a common or garden home network which I am thinking of protecting against attacks from scroats who think they have more rights to my unimportant data than I do. I have a TP-Link AC2300 router sitting in wait for me to install on my network, I could set up a VPN (I'm considering NordVPN, by the way) on each of my computers and phones, I'm just trying to find an easier way of covering everything in one go.
Thanks for your input, you obviously have more experience than me, I just testing my foot in the water, so to speak.
28-09-2021 11:57 - edited 28-09-2021 12:01
Set up a VPN on your router/switch. Not on devices.
For a while I did use Nord connected by openvpn from my pfsense with routing rules so certain devices used the nord circuit. This meant stuff that couldn't have a vpn client were still using a vpn for external.
Also by placing a openvpn server on your router/firewall you can then support road warrior access from your phone/tablet/laptop to give you home network access away from home.
Additionally I also use StrongSwan on my remotely hosted servers to connect back via an IPSEC VPN on the firewall to make my remote servers part of the home network. The reason for the different VPN type (OpenVPN, and IPSEC) being I never know the remote Openvpn client address and therefore impose certificates and is a client initiated connection, but for the remote servers, I need either end to be able to initiate the connection. remotes are fixed IP. and I use a dynamic name for my VM connected firewall.
on 28-09-2021 15:55
Hi Timwilky
It's clear your networking experience is far greater than mine, I'm not sure I'd be able to do all that.
I take it putting a VPN onto a router is not as simple as I had first thought, to do what you have done, I'd need my hand held throughout the process, so I think it's not going to happen. I appreciate your input and I'll try to see if Youtube has any answers, maybe even similar to your setup.
Thank you so much for your help.
on 28-09-2021 16:03
on 28-09-2021 16:43
@Pilkie before we get too far down the rabbit hole here, I should point out that a VPN is nothing more than an encrypted tunnel between two endpoints which passes through the public internet. There is a huge amount of confusion, if not downright lies about what they are and what they do.
One thing though is that for the vast majority of home users, a VPN will do precisely nothing to improve security, indeed unless you fully understand what they are doing, it's arguable that they make your home network less secure.
on 29-09-2021 11:39
Just to add to the confusion, a VPN will not improve security, it will just introduce some level of privacy to your connections.
Also you need to consider the two types of VPN setup - client and server.
From your OP it looks like you are looking to set up a client connection to a public VPN server (NordVPN) and as such benefit from whatever privacy you could get from the provider. You will not gain anything in terms of security, nor would you compromise your own security, as you would not be opening an incoming tunnel into your network.
This setup is fairly simple and you will find plenty of instructions on the provider's website, with your given router you should be up and running within a few minutes.