Anonymized Network Setup Questions

4eak

Junior Member
Oct 2, 2009
I have some serious computing needs and some weird questions. I need to build a secure network that is fairly anonymized. It doesn't need to be pretty, and I don't mind spending plenty of time learning, etc., I just can't really afford to spend a lot of money (3rd world countries are poor). I want cheap, physically compact, simple, but very effective solutions.

My network needs the following:

I want my network of 5-10 computers (connecting both wireless and wired on my LAN) to be anonymized on the net, but maintain a high bandwidth (for our area) and redundancy through multiple internet connections. I live in a small town where I can't get great bandwidth on any single line, but I have access to several smaller connections which I should be able to 'bind together' for my needs. I'll have 2 wired modems and access to 2 wireless networks which have been made available to me; I want to use all 4 to maximize my total bandwidth. I was hoping I would be able to add or drop internet connections easily as well. I need a decent Firewall and Packet shaping options. Separately, but related, my family also needs to be able to log in to this network over the net (and be able to avoid censorship/eavesdropping from a government) for access to my network resources and for use as a proxy server to the internet (they could just use the VPN from anywhere, but they need secure access to this network from any location). Something like SSH should do the trick, eh? I was hoping to do this in one badass Router or Proxy server solution and a good VPN service.

I'm just a noob when it comes to computers. I've never done anything like this before, so I'm hoping you could offer advice/ideas/solutions. I'm not even sure if all of this is possible. What are the possible solutions? What hardware/software do I need? What's the cheapest way to do this? I have 4 different sources of bandwidth, 4 IPs, so I'll need to make 4 concurrent VPN connections, right?

I'm speculating this is what it will take:
  • Load balancing hardware to bind together 4 connections: 2 Wireless networks and 2 modems.
  • A good VPN service (under 50$ a month)
    • Must be as anonymizing as possible.
    • Must allow multiple concurrent connections (4 different sources of bandwidth, 4 IPs, so 4 connections, right?)
    • Must have unlimited bandwidth
    • Must maximize throughput. For example, if I have a 4mb connection, I hope to see close to a 4mbit connection after pushing data through the VPN.
  • Firewall, Packet shaping
  • Something like SSH:
    • Offers access to resources on the network
    • Port Forwarding proxy or any way for an outsider to securely log in to the network to bypass censoring firewalls and to use the VPN services indirectly.
  • Something for switching the computers on my network.

I considered DD-WRT type router options. I'm afraid it wouldn't get the job done though. Also, Load-balancing routers are expensive. I'm thinking that an extra PC running as a router/proxy server might just be the cheapest load balancing option, and it can firewall right there nicely. Has anyone ever used pfSense? This seemed like a good option, but I could be quite wrong. It can load-balance, but can it do that with VPNs on each connection?

I thought it might look something like this:

Computers on network ==> Switching router/hub ==> Ethernet card on Proxy Server
Ghetto DSL Modem 1 ==> Ethernet card on Proxy Server
Ghetto DSL Modem 2 ==> Ethernet card on Proxy Server
Wireless Network 1 ==> Wireless card/device on Proxy server (this isn't the same as being connected straight into the Modem, so will that affect things?)
Wireless Network 2 ==> Wireless card/device on Proxy server

I might have it all wrong though. Let me know =).

As for the VPN, xerobank has been the best I've found so far. Anyone used this before? What did you think of it? Any options better? Has anyone used a Cryptorouter, what do you think of it?

What problems can I expect? Can one piece of hardware manage connecting to 2 modems and 2 wireless networks? How difficult will it be to tap into the wireless networks available to me? Will I have problems load-balancing? What problems will I run into load-balancing and running through a VPN?

I have several months to get this together at the request of family and friends. Any help would be appreciated.





peace,
4eak
 

kevnich2

Platinum Member
Apr 10, 2004
What is your actual budget with this project? You say you can't spend much money but seem to have a want list that's pretty big as far as what you want/need to have done? With the various hardware that you'd need for this, you're probably looking at a couple grand for various wireless bridges, a load balancing, multiple WAN router, etc. Not sure what router/firewall software is available that could run on a dedicated computer for this, maybe someone can chime in something that might work for you with that. Also, why would you need VPN?
 

Pantlegz

Diamond Member
Jun 6, 2007
I only kinda skimmed over what you need, but you may want to look into getting a pfSense box set up for load balancing. I'm almost positive that it's able to, and it's open source, which would make it free as long as you have a spare computer lying around. Why would you need 4 VPN connections? I could understand one, if you needed to VPN into your network; if you need more than that, just set up Windows Server as a VPN concentrator. As far as problems, it depends on where you're VPNing to. Some places have it set up to only listen from certain numbers (IPs), and I'm not sure that the VPN info would be able to be load balanced like that, but I've never tried. I'm sure someone here has some experience with that. It may be cheaper to just have fiber in the long run as opposed to having 4 connections (I wouldn't use wireless as a fallback; it's fairly unreliable). If the 2 DSL accounts are from the same provider, it's not fail-safe: if the ISP has issues, both connections will go down.

You might want to consider something like Cisco's ASA (5505 is about 400 USD, 5510 is about 2000 USD). They're not cheap, but again, in the long run it may be worth the lack of issues you could run into. They also have fail-over modules that would be much more reliable than using a spare computer. On top of that, they also work as VPN concentrators and do NAT/PAT, and they're obviously firewalls too. I would strongly suggest running into something along those lines.
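
The question in this thread about load-balancing a VPN across several uplinks, modelled as an added example that is not part of any poster's message: each uplink NATs traffic to its own public address, so spreading one tunnel's packets over all four makes the remote VPN endpoint see a single tunnel arriving from four sources, while pinning each flow to one uplink keeps the tunnel on one address and still spreads other flows. The uplink names, addresses (documentation ranges) and the flow tuple are constructed; the hashing scheme is an illustration, not how pfSense or any particular router implements it.

```python
import hashlib
from itertools import cycle

# Constructed sample: two DSL modems and two wireless networks, each with
# its own public (post-NAT) address taken from documentation ranges.
UPLINKS = {
    "dsl1": "192.0.2.10",
    "dsl2": "198.51.100.20",
    "wifi1": "203.0.113.30",
    "wifi2": "203.0.113.40",
}

# Constructed flow 5-tuple for one VPN tunnel: (src, sport, dst, dport, proto).
VPN_FLOW = ("10.0.0.5", 40000, "198.18.0.1", 1194, "udp")


def per_packet(packets, uplinks=UPLINKS):
    """Round-robin every packet across all uplinks, ignoring which flow it is."""
    rr = cycle(sorted(uplinks))
    return [(pkt, next(rr)) for pkt in packets]


def per_flow(packets, uplinks=UPLINKS):
    """Pin each flow to one uplink using a stable hash of its 5-tuple."""
    names = sorted(uplinks)
    out = []
    for pkt in packets:
        digest = hashlib.sha256(repr(pkt).encode()).digest()
        out.append((pkt, names[int.from_bytes(digest[:4], "big") % len(names)]))
    return out


def source_ips_seen(assignments, flow, uplinks=UPLINKS):
    """Public source addresses the remote end observes for one flow."""
    return {uplinks[up] for pkt, up in assignments if pkt == flow}


def usable_uplinks(health, uplinks=UPLINKS):
    """Failover: keep only uplinks whose health check passed."""
    return {n: ip for n, ip in uplinks.items() if health.get(n, False)}


if __name__ == "__main__":
    tunnel = [VPN_FLOW] * 8
    print("per-packet:", sorted(source_ips_seen(per_packet(tunnel), VPN_FLOW)))
    print("per-flow:  ", sorted(source_ips_seen(per_flow(tunnel), VPN_FLOW)))
```

When an uplink drops out of `usable_uplinks`, flows pinned to it are re-hashed onto a surviving link, so the tunnel reconnects from a new source address.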