Benefits of a whole Network VPN
Running a whole network VPN (virtual private network) is a privacy option that encrypts your internet traffic and helps to provide anonymity online. There are several ways to go about using a VPN for your web browsing, ranging from signing up for a popular public VPN provider and using their provided VPN client on your computer, all the way up to implementing a whole network VPN that runs on your router. Running a whole network VPN on your router is an option that Protectli encourages. Most popular firewall software distributions allow you to set up and configure a whole network VPN.
Getting a VPN set up is beneficial in multiple ways.
- Privacy: VPN’s encrypt your data and effectively aggregate your web traffic with a lot of other VPN users, providing a single point of presence on the internet for tens of thousands of browsing sessions. Because your browsing session shares a public IP address with a large number of other sessions, your traffic is commingled with a large number of other users, providing a degree of privacy for your online activity. Additionally, ISP’s (Internet Service Providers) are known to log and sell information about your browsing habits to data brokers. Using a public VPN prevents your ISP from knowing much of anything about your browsing.
- Threat prevention: A VPN can help to safeguard you from hackers on the same network by encrypting all of your traffic. This is especially useful on public WiFi.
- Prevent Data Throttling: Some ISP’s throttle, or slow down, certain types of data. Because a whole network VPN encrypts all of your data, ISP’s can filter based on data type (it all looks the same)!
- Access blocked content: VPNs are commonly used to circumvent geo-blocked media content or to access blocked content on school or work networks.
- Encryption for everything: A whole network VPN provides protection for your entire network, not just devices that support a native VPN client. This includes IoT devices, streaming sticks, home automation appliances, and everything else on your network
Let’s explore what you need in order to implement a whole home / whole network VPN.
The Vault as your VPN Router
Hardware
While a VPN can be set up on a lot of different types of devices, it’s important to consider your use case to make sure that you have hardware which can meet your requirements. First, it’s important to consider how much throughput you require for your entire network and to choose a Vault accordingly. All Protectli Vaults can be custom-configured and we have published baseline throughput numbers for OpenVPN, IPSec, and Wireguard in our Knowledge Base which can help you to compare what different Vault models are capable of. VPN’s consume a lot of CPU in order to facilitate encryption and decryption, so it’s important to consider a more capable CPU if your available ISP bandwidth is more than 100Mbps or so.
Software
There are several considerations when considering which Operating System software to run in order to facilitate a whole network VPN.
- Simplicity: Perhaps the most important consideration is the difficulty level in setting up the VPN. Not all firewall distributions are the same. Some make it very easy, and others require tens of steps and knowledge of routing and firewall rules in order to implement. A few very popular options for an operating system that can help you implement a whole network VPN are Vilfo OS, OPNsense, and pfSense. Vilfo is a firewall operating system that was built to facilitate easy whole network VPN. OPNsense and pfSense are very powerful firewall operating systems that are incredibly versatile and powerful. For setting up a whole network VPN, they require knowledge of Certificate Authorities, routing rules, firewall rules and other similar concepts.
- Run multiple VPNs at the same time: Commonly, it may be useful to run multiple VPN instances at the same time. Your might want your personal devices to appear to be in your local country, while your streaming sticks are in a different country, for example
- Custom alerts & insights: What kind of notifications do your need?
Protectli can pre-install OPNsense on your Vault hardware to help make your whole network VPN as simple to setup as possible. And if you are looking for a step-by-step guide on how to get up and running, Home Network Guy on Youtube has an excellent series on this topic.