Posted: Thu Aug 01, 2019 16:08 Post subject: Hi, new VPN guy here.
Hi all. New VPN user here.
I have subscribed to the NordVPN service. Currently, I have the VPN client software installed on one of my home computers on my home network. This provides VPN protection for that computer only, of course.
I have recently signed up for Google Fiber. I know that one of Google's objectives is to monitize not only how people use their web services, but as an ISP to monitize how people use the internet entirely. So, my objective is to put my entire home network on a VPN so that all devices on my home network go through the VPN, except my MagicJack VOIP phone which I see no need to route through a VPN.
I also have a second router set up as a wireless access point with a unique password. This is the for the kids as I can shut the router on and off with a smart timer socket (routers have poor parental time controls I find).
Here is what I think my network topology will need to look like:
Essentially, I believe my Netgear R6400 will function as a switch. I believe if I install the dd-wrt on the Netgear router then I can have VPN protection on all data passing through it, correct?
I believe my 6400 is a V1, since the label on the bottom says only "R6400".
Also, I have read and see that the Netgear router is an ARM device, but questions about this router appear in this (Broadcom) forum. Hopefully I am in the right place.
I have also read the stickies for this forum, or at least skimmed them (some are very long). The gist of what I understand is I need to use the wiki and not the compatibility spreadsheet for getting dd-wrt installation instructions.
Joined: 18 Mar 2014 Posts: 12836 Location: Netherlands
Posted: Thu Aug 01, 2019 16:56 Post subject:
Welcome to DDWRT
The R6400 is a Broadcom /Arm devices so you are good here for questions. I have one running also.
For Network/VPN/routing questions we have the advanced networking forum.
I have VPN running on my R6400, but before you proceed, OpenVPN is very resource intensive and you will not get more than 35 Mb/s speed on an R6400!.
If you want more speed you have to use a more powerfull router my R7800 gets about 90 Mb/s
But if you want gigabit speed over VPN you have to use an PC and load pfsense (or DDWRT on that but I have no experience with that)
If you still want to get along with this, I think the easiest is to use the R6400 connected with its WAN port to the google fibre router, set a static IP on the WAN and place that static IP in the DMZ of the google router.
Sounds complicated but it is not
But your first step is to get DDWRT on the router.
In my signature is a setup guide for the R6400v2, that one is more complicated yours is really easy.
Also have a look at that guide, see First Flash and also you can read about two different DDWRT brands you can use.
I use builds from Kong for my R6400
Not anymore I just updated them since the R6400v1 was split out of that wiki...and I updated it too. Would be good to read both though. _________________ #NAT/SFE/CTF: limited speed w/ DD#Repeater issues#DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo#
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
Looks to me like the list still points the R6400 V1 to the R6300 link?
Anyway it sounds like this is going to be too much of a performance bottleneck to be worthwhile. Especially if I spring for the gig fiber (right now we are on the 100 package).
I looked at some of the Negate products advertised by the pfsense folks and the first one that mentions gigabit speeds costs about $700.
Is there a cheaper gigabit solution for setting up a "vpn firewall" (or whatever you call it)?
@egc, it seems like I never got the impression folks do what I did years ago, which is use an a pc for their internet gateway and firewall. The fun days of a PII running Slackware and TrinityOS ipchains (or was it iptables?) script. I don't miss the associated electricity bills coupled with that 400w power supply.
Sorry to hijack this post, but as you mentioned Nordlynx here anyway, I was wondering if it was possible to install Nordlynx on the ddwrt using the instructions from the NordVPN website for a Linux installation?
Joined: 18 Mar 2014 Posts: 12836 Location: Netherlands
Posted: Mon Jan 13, 2020 18:47 Post subject:
You cannot install the app on DDWRT.
But I think you should be able to install a Wireguard client on DDWRT for NordVPN.
You have to email them for the necessary credentials (public and private key, ip address, DNS server and endpoint (IP address and port of the Nord wireguard server) )
With those you can setup the WireGuard interface.
A guide for general purpose setup and necessary script is in my signature, in the guide also a reference to a setup for Mullvad.
Joined: 31 Jan 2012 Posts: 88 Location: North Carolina
Posted: Fri Jan 17, 2020 20:43 Post subject:
I have a Qotom Q355G4 that I have moved on to running pfSense. I would suggest you go with something like this. It has a dual core i5 and 5 Intel NICS. It does hardware encryption and I can max out my 235Mb cable modem connection without the CPU ever going above about 12%. I only use dd-wrt on my R7000 used as an AP. I would not handicap myself using a consumer grade router if I had Gigabit internet.