I’d like to setup a vpn for my Omada setup. I have an ER605 router. Ideally, the vpn would also have an android client. Any options here?
Do you want to connect to your network or use your router to get to Internet using it?
I have ER605 and OpenVPN and Wireguard servers running on TrueNAS Core Jails. It could be a Raspberry Pi or any other spare hardware.
Then I have OpenVPN and Wireguard client installed on my laptop and Android phone.
Whenever I am out and need to be like home any of that methods works.
OpenVPN is free and inbuilt to the router. I have it running on mine and seems good. Have had it running on previous router setup and never had any issues. The only thing you need to probably be mindful of is whether you have a fixed IP on your ISP service. If it isn’t fixed, you may find it changes periodically, so just need to be mindful of knowing what your external IP is at various points.
Windscribe is a good VPN service.
100%!
I just got mine setup the other day ditching L2TP. I couldn’t be happier. I don’t even bother turning it off. Too bad for my company’s IT department trying to snoop what I do online.
I’ve recently started using Tailscale in the last month or so and have been liking it. Have gotten most everything connected with it. Just need to set something up as a subnet router now for the rest of the devices.
I want to vpn into my home system and be a trusted client. Would you say Openvpn is a decent solution?
My ip is semi static, seems to change every six months or so. I do have a ddns client which provides some stability over a straight IP address. Thanks for the info, I’ll definitely take a look at Openvpn.
Did you follow a guide for this? I’m running a few services on my network via a NAS that I’d like to be able to connect to from anywhere - think Plex for example. But I don’t wanna pay for THEIR cloud service since it’s limited to working only when you’re on the same network as the NAS and host client, and sometimes not even then.
Yes I am happy with my set up and it is working quite well.
I haven’t used ER605 build in OpenVPN one as it looks like haven’t got enough capacity.
Yes, openvpn and wireguard are built into it for this purpose.
L2tp encrypted is built into er605
Mine is semi static too and this thread has reminded me to build an automation in Home Assistant to alert me if it changes so I can tweak the profile when it does.
Not really, I used the vague guidance in the web UI (I’ve not yet setup a Cloud/Software Controller).
It was pretty straightforward; set up a VPN Server (in the OpenVPN tab), selecting the WAN to apply it to and a few other fields and just downloaded the VPN profile to import to the client on my laptop, phone and iPad.
There is a detailed guide on the OpenVPN website though;
Thanks. I’ll go with Wireguard, only because it’s newer.
I like that idea. Thanks for sharing!
Thank you! Was going to make a whole post asking about this but your comment helped.
I prefer OpenVPN. Wireguard advertises itself as new but its design feels quite insecure.
The local client does not make it possible to store network connections without also storing the password embedded in your profiles. So anyone who takes hold of your phone can just open the app and click a button and have access to your house. Also the server doesn’t determine subnet access the client side does, another dumb security design.
The encryption choices, while faster, are invalid encryption protocols that are more vulnerable to backdoor, packet injection decryption.
OpenVPN is way more secure. Wireguard actually upsets me with some of its dumb choices. It says it is designed security first but it actually isn’t in practice and takes too many shortcuts. It’s just advertising but it’s worse. But the ER605 is weak and can’t run OpenVPN too fast either. Higher end routers can though.
Okay. You convinced me. I’ll give Openvpn a shot.Thanks again.
Wow. So easy to setup. Took me no more than 15 minutes.
Trees it is very simple setup . Also if you are hosting it on a isp with a dynamic ip range you can look into dynamic DNS for a single domain to use.