Uses for Router based VPN

[Bob.]

I have an Asus RT-N66U router whose stock fw supports setup of a VPN client and/or server. I'm not sure, however, how these would benefit me.

Can anyone explain or post a link to a concise explanation of the uses for VPN clients/servers and how they can be applied and in (and away from) a small home office?

Some questions I have:


1. Would vpn allow me greater security for outbound traffic (i.e., online banking, web browsing, email)? Would a vpn server be required at the other end to complete the security?

2. I have 4 subnets in my office that isolates business from personal and an IP cam. They are isolated via additional routers (wrt54Gs and for the IP cam and mobile phones, a TP-Link TL-WR940N). Any uses or caveats here, i.e., accessing devices on the subnets?

3. I do some multiplayer online gaming, actually, just one at present, crysis3, which is pretty intensive. Would vpn cause issues?

I'm not above buying a beefier router if need be. My primary concern is security without taking a big performance hit. My connection is 50+Mbps down and 5+ Mbps up.

Thanks for any help.

 

[Carson Dyle]

Are we talking about a VPN connecting you to another network, such as a corporate network, or are we talking about a VPN used mostly for anonymity? I may be wrong, but it seems the latter exists primarily for obscuring your identity, for such purposes as pirating copyrighted material and similar sketchy endeavors.

A router-based VPN offer the advantages of things like centralized management, moves the encryption/processing off of the client, and doesn't require the installation of client software. That centralization can be powerful, but it can also be more complicated to set up. For instance, you may only want traffic from certain clients, such as your desktop PC, to travel over the VPN, rather than all internet traffic.

 

[Bob.]

Hi Carson. Thanks for your remarks.

Are we talking about a VPN connecting you to another network, such as a corporate network, or are we talking about a VPN used mostly for anonymity? I may be wrong, but it seems the latter exists primarily for obscuring your identity, for such purposes as pirating copyrighted material and similar sketchy endeavors.

The anonymity does appeal to my sense of paranoia, but the main event is security. I'm very cautious when it comes to my online activities, but I also have to run a business, which entails online usage of various sorts that merit a higher degree of caution. So far, my efforts have paid off, but the cyber world is becoming a nastier place, and my spidey senses tell me that it may be prudent to take extra precautions.

For instance, you may only want traffic from certain clients, such as your desktop PC, to travel over the VPN, rather than all internet traffic.

Good point. And the RT-N66U is my gateway router. I suppose I could add vpn capable routers to the subnet to allocate vpn usage. In addition, perhaps it's possible to turn off the vpn in a given router when I don't need it (i.e., leisure web surfing, gaming, etc.) and still retain the settings (or restore the appropriate config file to the router as necessary).


But the purpose of my post is really to educate myself on the uses of vpn and how it might benefit my purposes. Most info I find around the net regards the configuration of vpns, but I haven't been able to find much of any significance on how a vpn (server or client) could be useful in a (small, uncomplicated) business and security sense.

**Perhaps I'm just missing it, or I'm using inadequate search terms. I'm hoping that I can obtain a link(s) to sites that explain clearly and completely how I might put a vpn (again, client and/or server) to legitimate use for my needs.

 

[Carson Dyle]

Frankly, I'd be interested in the discussion myself.

My paranoia meter doesn't go very high. I don't run always-on antivirus software, but I occasionally do a system scan. I don't avoid any particular web sites in fear of being infected by something and (knock on wood) I haven't been. Pretty much any of my web activity that needs to be encrypted is encrypted - online banking, shopping cart checkouts, even forum logins. I'm not sure using a VPN for such activity adds much to your security level.

One place where I can see using a VPN for security might be useful is when using public hotspots, where you don't know beforehand how well clients on the local network are isolated from one another.

 

[Bob.]

Frankly, I'd be interested in the discussion myself.

Perhaps someone will contribute with some indepth resources.

One place where I can see using a VPN for security might be useful is when using public hotspots, where you don't know beforehand how well clients on the local network are isolated from one another.

Yes, that could be useful. I never use my smartphone on public wifi (of course, 4G speeds make that not too unpleasant...). My understanding is that I could employ a vpn on my network and have all my traffic from public connections to go through the vpn first. I'm not sure I really have a use for that, but if I were traveling, it might come in handy were I to need access to my online accounts via a laptop.

 

[Carson Dyle]

but if I were traveling, it might come in handy were I to need access to my online accounts via a laptop.

Your access and interactions with online accounts is pretty much always encrypted, so that shouldn't be much of a concern.

My concern would be exposure of the laptop itself to other users and software running on their machines. This might be a good use case for a VPN, but also for a software firewall, which I don't normally run.

 

[Carson Dyle]

Seems like this thread might be better suited for the Security forum.

 

[JackMDS]

Seems like this thread might be better suited for the Security forum.

That would be true if the discussion is just about the merits of VPN.

That said, the OP seems to seek help in how to set it too.

Maybe this can Help.

http://www.howtogeek.com/221001/how-to-set-up-your-own-home-vpn-server/

The above is suitable for the Asus RT-N66U too.

 

[Bob.]

Your access and interactions with online accounts is pretty much always encrypted, so that shouldn't be much of a concern.

I suspected as much regarding online banking, and from what further investigation implies, adding a vpn here would have no effect.

My concern would be exposure of the laptop itself to other users and software running on their machines. This might be a good use case for a VPN, but also for a software firewall, which I don't normally run.

An excellent example, I think. The link Jack posted answered a lot of my questions. Using a vpn, say, at a hotel to access online accts encrypts all the data so that log-ins, browsing and information passed back and forth is encrypted.

I always have a firewall going here (windows firewall for inbound with the free version of Windows 10 Firewall Control for outbound (works with vista thru 10 and works with WFW, but controls the outbound traffic).

Maybe this can Help.

http://www.howtogeek.com/221001/how-to-set-up-your-own-home-vpn-server/

The above is suitable for the Asus RT-N66U too.

Thanks for the link Jack. That did fill in some of the missing pieces.

It seems that a vpn would be beneficial (for me) in only a few circumstances. And given that I'm still getting educated, I'd appreciate any correction from anyone regarding any erroneous conclusions:

1. The obvious first would be traveling. For that, it might be best to use a vpn service, such as the one HTG mentions (Tunnelbear - free version would suffice).
I guess this would apply to smartphone public wifi around the city, but again, I don't see much need for that. With 4G speeds more than capable, speed is not an issue, and there are no sensitive operations that can't wait 'til I get back to the office. I refuse to bank, shop or conduct any sensitive operation on a Smartphone.

2. Access to my network from the field. This could be useful. For this, I think I'd need to set up a server vpn on my router? And (still speculating here) I'd think that the vpn server version wouldn't affect my outbound traffic from within my network?

Also, I'm not communicating between the subnets at the moment, but could vpn help in anyway with connection or security there?

I have a lot of research to do. The HTG link is a great start. Not only does it address purposes and usage of a vpn, it also addresses setup. Any further info is greatly appreciated.