PDA

View Full Version : Connect to my home network as VPN




sammy.d
Jul 18, 2013, 04:52 AM
Hi, I wasn't really sure which sub-forum to post this in...
I am currently living away from home (overseas) and for various reasons want to connect to my home network in order to route my downloads through my home internet plan. I assume this is possible and I also assume this is what a VPN is, please correct me if I am wrong. I have a couple of questions though;

1. I'm pretty sure I didn't have this set up before I left home. Can I somehow check by scanning the IP address of my home?

2. Am I able to set this up remotely or do I have to get someone at home to set it up?

3. Is it possible to encrypt the connection from my computer to my home network? The data being downloaded to my home network wont be encrypted but I would like to encrypt it from my home network to my computer.

4. If I could set this up, would it mean that the IP address that I'm currently using would be hidden and the IP address of my home network would be the one visible to everyone when I am browsing?

Cheers.



Dark Dragoon
Jul 18, 2013, 06:20 AM
1. Setting up a VPN isn't really something you do and forget about it, port wise it depends on what VPN you've setup.

2. You could do it remotely as long as you are able to remote control/remote access the server or whatever hardware you are running the VPN on.

3. Yes, it should do this by default. Though how secure it is depends on the VPN server you use and its setup.

4. Yes

sammy.d
Jul 18, 2013, 06:51 AM
So a VPN is something that I just set up on the router configuration page of my home router and then enter the details into system preferences of my MacBook that I want to connect to it? I've been told that a SSL VPN is best to use because of its security and native compatibility with mac, is that right?

Dark Dragoon
Jul 18, 2013, 07:02 AM
Most home routers do not support running a VPN server.
Well by default anyway, with custom firmware like DD-WRT or Tomato certain routers will support running a VPN server.

More likely you'll need a computer that will be running all the time to install a VPN server onto, as well as configuring the router such as opening up the required ports.

An SSL VPN is when you have a VPN that remotely accessible through SSL like OpenVPN.

The clients built into OSX are IPSec and PPTP.

samh
Jul 18, 2013, 12:10 PM
So a VPN is something that I just set up on the router configuration page of my home router and then enter the details into system preferences of my MacBook that I want to connect to it? I've been told that a SSL VPN is best to use because of its security and native compatibility with mac, is that right?

Also keep in mind that if you route internet downloads through your home internet connection, you are essentially downloading them twice, and you'll only be to download them to your computer at a certain percentage of your home connection upload (not download) speed.

To download a file, it's coming into your home network in the "download" pipe and then being sent out through the upload pipe--in many cases 80-90% slower. On top of that, encrypting the data and securing the connection reduces the speed further.

Is there something specific you are trying to accomplish?

sammy.d
Jul 18, 2013, 06:09 PM
Ah yes, I didn't realise it would be leaving my home at the upload speed... Puts an end to that idea.

It was to get around geoblocking for an Australian tv show website. I have searched for free Australian web proxies and some sites list a reasonable amount but they never seem to work properly and I'm quite sure I'm setting them up properly. I also looked at tunnelbear but it doesn't have an Australia server.

Just out of interest, if I installed Tomato on my home router does that instal OpenVPN with it? Or do I have to install that afterwards? Is that installed on the router or do I need to have a computer running that on the network 24/7?

LongSticks
Jul 19, 2013, 01:24 AM
Ah yes, I didn't realise it would be leaving my home at the upload speed... Puts an end to that idea.

It was to get around geoblocking for an Australian tv show website. I have searched for free Australian web proxies and some sites list a reasonable amount but they never seem to work properly and I'm quite sure I'm setting them up properly. I also looked at tunnelbear but it doesn't have an Australia server.

Just out of interest, if I installed Tomato on my home router does that instal OpenVPN with it? Or do I have to install that afterwards? Is that installed on the router or do I need to have a computer running that on the network 24/7?

Sammy, don't know whether this would be of interest as an option. Definitely does what you want?!

http://uk.slingbox.com/go/slingbox#.Uejazsu9KSM

sammy.d
Jul 19, 2013, 04:43 AM
That looks alright but is probably a bit expensive for me. I'll just get someone to download them and send them to me.

Any have any idea about my question above about Tomato and OpenVPN?

Dark Dragoon
Jul 19, 2013, 05:18 AM
That looks alright but is probably a bit expensive for me. I'll just get someone to download them and send them to me.

Any have any idea about my question above about Tomato and OpenVPN?
You would be better off installing OpenVPN on a computer if you need to, as re-flashing your router with different firmware and configuring it needs to be done when you have access to it. Also not all routers will be supported by alternative firmware and an even smaller subset have the hardware to support running a VPN server.

There are a lot of 'if's', but if you can install an alternative firmware on your router which comes with a VPN server then you wouldn't need a computer to be running.

Alternatively you could try setting up a proxy server on a computer at home instead of a VPN, which should be a bit simpler to get up and running. With the downside being that it's still going to be limited by your upload speed.

Also note that the Slingbox will also be dependant on your upload speed as well.

sammy.d
Jul 19, 2013, 11:21 AM
Also not all routers will be supported by alternative firmware and an even smaller subset have the hardware to support running a VPN server.


So for a router to run a VPN whether by OpenVPN or other means, it needs to have specific hardware? If that were the case and I had a router with the required hardware, wouldn't it already have the option of running a VPN and I wouldn't need to install Tomato anyway? If it has the hardware, surely the original firmware would allow you to easily run a VPN server...

Dark Dragoon
Jul 19, 2013, 12:02 PM
So for a router to run a VPN whether by OpenVPN or other means, it needs to have specific hardware? If that were the case and I had a router with the required hardware, wouldn't it already have the option of running a VPN and I wouldn't need to install Tomato anyway? If it has the hardware, surely the original firmware would allow you to easily run a VPN server...

Normal cheap home routers don't come with enterprise/business features like a VPN server. Their firmware doesn't contain these features.

When I say hardware what I mean is enough RAM and processing power along with enough storage for the software to be installed. As well as containing compatible hardware that has the necessary drivers to make it work.

Firmware like Tomato only runs on certain routers. For example I run DD-WRT (used to run Tomato) on my old Linksys WRT54GL which is well supported but old.

Though really it would be a lot less hassle to run a VPN or proxy service on a computer instead. Even if that computer is something very cheap like a Raspberry Pi. If you do want to go ahead with the router, you would need to look it up to see whether the one you have is supported by any of the custom firmwares.

talmy
Jul 19, 2013, 12:46 PM
If you are running Mountain Lion on the home system you can buy Server.app which has a VPN server. This will also require that DNS be properly set up (I user the server's DNS server) with the system having a static IP address and typically accessed using port forwarding in the router and a Dynamic DNS service so you system can be found.

The VPN server can be configured so that all Internet traffic is tunneled through the server system, none is (good to access any files at home), or selected IP addresses are tunneled. The setup is good to access sites that may be blocked as long as you can access the VPN (some places block the ports necessary!). I've never tried it for streaming, but it should work if you have enough up bandwidth at home. If you have lousy up bandwidth at home it makes for a poor VPN experience for any use!

sammy.d
Jul 19, 2013, 12:49 PM
Normal cheap home routers don't come with enterprise/business features like a VPN server. Their firmware doesn't contain these features.

When I say hardware what I mean is enough RAM and processing power along with enough storage for the software to be installed. As well as containing compatible hardware that has the necessary drivers to make it work.

Firmware like Tomato only runs on certain routers. For example I run DD-WRT (used to run Tomato) on my old Linksys WRT54GL which is well supported but old.


If its only the better routers already with good features that are able to run Tomato, why bother installing it? Those routers would already have all the features wouldnt they?

Though really it would be a lot less hassle to run a VPN or proxy service on a computer instead. Even if that computer is something very cheap like a Raspberry Pi. If you do want to go ahead with the router, you would need to look it up to see whether the one you have is supported by any of the custom firmwares.

I was talking just out of interest once I realised I didn't have many options, but your point about running it on a Raspberry Pi is interesting and sounds like a great little project just for fun. What is the difference between a VPN and a proxy service??

Dark Dragoon
Jul 19, 2013, 01:06 PM
If its only the better routers already with good features that are able to run Tomato, why bother installing it? Those routers would already have all the features wouldnt they?
What I mean is that if you want to buy some networking equipment that comes with these advanced features you have to pay a bit more for them (don't tend to be the cheap ones you see in shops).

Whereas various cheap routers (certain models) that don't come with those features can be made to run other firmwares like Tomato or DD-WRT to give them those kind of features for free. Though some are more capable than others.

I was talking just out of interest once I realised I didn't have many options, but your point about running it on a Raspberry Pi is interesting and sounds like a great little project just for fun. What is the difference between a VPN and a proxy service??

The VPN makes it as if your computer is on the remote network, you get assigned a local IP on that network, and so as far as everything is concerned your computer may as well be sat in your home in Australia, albeit with a slow connection to the router. So things like local network shares would work.

A web proxy just lets your computer ask another computer (at your home in Australia) for a web page, the proxy server then gets the web page and forwards it back to you. So it only works with websites.

Edit: Proxy servers are also often used for caching, so they can save copies of websites that have been visited. So when you next ask for the same page it can send it straight to you. This is more often how they are setup in businesses and by ISP's, as that reduces the amount of bandwidth used externally.

sammy.d
Jul 19, 2013, 01:12 PM
Are proxy servers common on home routers? Or is it again only the more expensive ones, meaning I would have to run it on a computer at home?

Dark Dragoon
Jul 19, 2013, 01:21 PM
Are proxy servers common on home routers? Or is it again only the more expensive ones, meaning I would have to run it on a computer at home?

It's another feature you wont find on consumer routers.
But as with the VPN server can be added to those routers which are compatible with other firmwares (DD-WRT, Tomato etc...).

Also even with firmware like DD-WRT and Tomato you would be limited as to the type of proxy server you can run, namely the type which caches pages needs a decent amount of storage space (up to GB's) whereas the home routers maybe have a few KB's (MB's if you are lucky) of free space. Not that this is the type you would need though, so you can pretty much ignore this bit.

sammy.d
Jul 19, 2013, 01:27 PM
On the issue of slow upload speeds, is there any way around this? Why are upload speeds slower? Can my ISP give me faster upload speeds? Can home routers only handle slow upload speeds? If I can get around this issue I will get a Raspberry Pi and set something up...

Dark Dragoon
Jul 19, 2013, 01:41 PM
On the issue of slow upload speeds, is there any way around this? Why are upload speeds slower? Can my ISP give me faster upload speeds? Can home routers only handle slow upload speeds? If I can get around this issue I will get a Raspberry Pi and set something up...

I would get someone at home to test the connection speed, using say http://www.speedtest.net. That should give you a better idea of the upload speed you currently have.

As for why it's slow, thats down to the type of connection (and quality of the line) you have as well as what your ISP has enabled your connection for. You may be able to pay for a faster connection.

Most home routers are more than capable of handling a decent upload and download speed.

An alternative to the Raspberry Pi maybe to try to find a cheap Australian VPS (Virtual Private Server) provider. They often give you a virtual server running Linux which you can install pretty much whatever you want on and normally have the bonus of a fast internet connection with a static IP address. But you would paying monthly/yearly towards it.

unplugme71
Jul 29, 2013, 09:49 AM
I'd suggest a hardware firewall that supports VPN. Netgear makes a few boxes starting at around $200 and can go up to $1500 (UTM series) or more.

We ran a UTM 25 at one small office I worked at. Never had an issue. We had IPSEC and SSL VPN enabled. The SSL VPN was a bit of a pain as it only worked with 64bit IE on Win 7.

I always prefered installing a VPN client and connecting that way. You can forward all or just some of you traffic over VPN. This makes going to google.com quicker, but bankofamerica.com slower. You need to know which to forward and which not too. Lot of setup involved. Not something easy to just plug in and go.