I need a passthrough “VPN router” to connect a laptop to another separate VPN. Then I’m looking for a portable solution and one that I might be able to get my hands on quickly.
I might be connecting the “VPN router” to a wifi or cellular accesspoint. Additionally ethernet might be a nice to have but I can’t expect for ethernet to always be available.
So I think the following requirements summarize what sort of product I need.
HARD
It should be a portable device. An internal battery might be a nice feature so I wouldn’t need to carry a separate power pack.
It should have be able to connect to wifi networks and also provide a wireless network to connect to.
I’ll be connecting the PC (linux or mac) to this “VPN router” using a VPN client, so there will be a “VPN inside a VPN” tunnel. I’m not sure if this represents anything special, but just thought I’d mention it.
SOFT
Depending on the cost involved, it might be worthwhile if it can also provide connectivity to a cellular network using a SIM card.
Simplicity is a nice to have. If it’s very difficult for me to figure out how to configure, that might be challenging. However I am a somewhat adept linux geek. I don’t mind tinkering a little bit. I just don’t want to compile too many source (preferably less hardware source packages better ) packages to find out something doesn’t work.
A Raspberry PI with a https://www.waveshare.com/wiki/SIM7600G-H_4G_HAT for (1) seems like it might be one option. I like that it represents a more “open platform” that would likely have software updates and a larger community.
However I’m not sure how well the PI variants would support (2) for providing a WIFI client and server. Then I’m looking to r/HomeNetworking to provide guidance on their experience or recommendations on hardware / software for my portable “VPN router”.
GL-iNet, Travel Router GL-AR750(S). Two models of the 750, black “Slate” and regular white. Only real difference is the external antenna on the S.
Something with OpenWRT and VPN support (WireGuard ideally for performance). Literally designed for this purpose. Check out the comparison chart : https://www.gl-inet.com/
NOTE: make sure even your DNS is going through the tunnel by setting (hopefully the router offers it in the VPN config) the DNS to be the LAN-IP of the remote router (ex: 192.168.1.1).
NOTE2: depending on your work setup if it requires a VPN, doing VPN through a VPN can be problematic. it ‘might’ work, it ‘might’ not. Test at a coffee shop before galivanting thinking you’re safe from being caught.
Set up a VPN in the cloud and connect from anywhere, use linode as a jump box, like what you’re talking about doesn’t really do anything for you, the laptop you’re connecting to can see your vpn’s wan address which is your wan address cause your VPN is going to be set up as a middleman to the egress point you don’t own aka a mobile network or coffee shop wifi
Yes, one of the configs I have saved on mine is the wlan is a client to my phone’s hotspot with the ethernet as LAN interfaces. I also have a VLAN on my home network so I can plug the mAP into a dedicated port on any of my switches and it feeds back to my main router (hAP ac2) as an additional failover WAN interface on that VLAN.
Mikrotik’s RouterOS is so versatile, you can do so much with it once you are familiar with how it works.
What I was thinking which maybe very well incorrect: I’d connect using the “VPN router” using on board “router software” through “Coffee Shop Network” using a cloud VPN. Then from the laptop I’d connect to “VPN Router Network” using software on the laptop. Upon connecting to “VPN Router” I would connect to “Laptop VPN” using software on the laptop.
I had assumed that to the Laptop VPN / network I would appear to have the WAN IP of the VPN router egress. I think what you’re saying is that I will appear to have the wan address of the “Coffee Shop”
Hmm well thanks for pointing out my ignorance!
Is there any way I can keep my origin anonymous for the Laptop VPN / network ?
mAP lite looks so awesome because it’s so small. mAP probably has a better antenna set. I’m going to pick one of these up. After looking it seems like GL-AR300M16-Ext is on the same CPU as mAP (related CPU to mAP lite). I might pick one of these up also to compare. It has 64MB more RAM. But I’m liking the looks and design of mikroTIK more. Might be nice to compare platforms. Might send the GL-AR300M16-EXT back if I think it’s junk. mAP lite looks so awesome being so small!
alright so in your proposed network you have a laptop that is connected to a router (pi or whatever), this router is connected to a cloud vpn, and that cloud vpn is connected to the vpn of the laptop that you want to connect to. Yes, this works but your board isn’t offering anything in this senario, at least not what you are connected to, you could do other cool shit like set up adblocking or other web filtering. I don’t understand why you would want to do this. Unless you are trying to hide your location from the cloud vpn you are connecting to but even then this would be broken. my advice is don’t do this, it doesn’t make sense if you already have a cloud vpn then you are good to go your public address appears as that cloud vpn .
Yes, I only went for the mAP over the mAP lite as I needed the 2nd ethernet interface. Mikrotik have so many offerings, there really is something for everyone!
I don’t know what the sub is but the information from what I skimmed is true, from what I seen buddy just set up a vpn server at his home and that is what he is connecting to at coffee shops so he goes coffee shop > vpn, this doesn’t do anything to hide his location, it just sends his traffic to his house before it leaves to the broader internet and is similar to what I suggested you do, you don’t need to take this device with you. I think the issue is that he is calling this as a router when really it is a server like any other, the communication still happens with a client sever exchange, his router is his vpn server, just like your router is probably your dhcp server, in his first blurb he talked about hosting his vpn in aws this is what I told you to do when I said cloud vpn, as setting up a vpn at your home doesn’t hide your location, but it seems like you are more worried about someone else getting your location through your phone or laptop or something, rest assured there is more intrusive ways that are common practice, although an IP can get a general location sites that you visit wether you permit them or not are actively logging you regardless of some vpn that you set up, the vpn is specifically so people within the coffee shop can’ t snoop on you
the only person who knows what they are talking about in that chain also suggested an aws vpn, you just keep finding people that think the way I do
Side note: what this person is doing is illegal as hell and he is jeapordizing himself and his company, what the fuck, I knew that users did stupid shit but this one, this one is near the top of the list, fucking idiots
If you like your traffic routing through AWS it is “free tier” after all, and AWS is reliable. Another option might be to find a VPS and setup the VPN similarly against the VPS.