Route ALL network traffic through PIA VPN.

darknessdarkness
in Other Devices VPN Setup
Hello,

With the way things are looking for Title II Net Neutrality rules, I have started procuring a project for securing my entire network through this VPN service.


My goal:
- Route all traffic, including WiFi to my home server that acts as a gateway.
- Forward that traffic through PIA via network interfaces on the gateway server.


I'm not new to networking, but this is something I've never attempted before. My home server is currently running Ubuntu 16.04 LTS, and my wired network can handle up to a gigabyte of traffic per second. I have a gigabit switch handling all wired traffic throughout the network, which then is routed to my modem.

If any of you have attempted this before in the past, or have some sort of knowledge that would help me achieve this goal, it would be greatly appreciated.

Comments

  • Omnibus_IVOmnibus_IV
    If this was my network, the first thing I would do is create a network map. This would include all the connections within my network. It would look something like this...

    Internet - ISP - Modem - WAN NIC Server - Server LAN NIC - Wireless router - Local machine

    Now I would look at the path(s) and determine how I want to protect them. So let's say we are OK with everything on the Server LAN NIC side being "in the clear". That mean I would need to put a VPN Client on the WAN NIC Server side of the path. This will protect everything from the server WAN side on. But everything on the LAN side is susceptible to being monitored.

    Now, let's say I want to run the entire network in protection mode. That would mean setting up a VPN Client on the WAN NIC Server side and setting up a VPN Server on the Server LAN NIC side. Then a VPN Client would be installed on the Local Machine. Now everything is protected.

    Or you can install the VPN Client on the Wireless router. This will protect the path from the Wireless router to the server.

    See where I am going with this?
  • p4141841p4141841
    having a pfsense router makes this so... simple.... 
  • darknessdarkness
    If this was my network, the first thing I would do is create a network map. This would include all the connections within my network. It would look something like this...

    Internet - ISP - Modem - WAN NIC Server - Server LAN NIC - Wireless router - Local machine

    Now I would look at the path(s) and determine how I want to protect them. So let's say we are OK with everything on the Server LAN NIC side being "in the clear". That mean I would need to put a VPN Client on the WAN NIC Server side of the path. This will protect everything from the server WAN side on. But everything on the LAN side is susceptible to being monitored.

    Now, let's say I want to run the entire network in protection mode. That would mean setting up a VPN Client on the WAN NIC Server side and setting up a VPN Server on the Server LAN NIC side. Then a VPN Client would be installed on the Local Machine. Now everything is protected.

    Or you can install the VPN Client on the Wireless router. This will protect the path from the Wireless router to the server.

    See where I am going with this?
    Yes, I do.

    Little things to note, my router does not support a VPN client setup, as it's a modem+router combo that I purchased.
    p4141841 said:
    having a pfsense router makes this so... simple.... 
    Yes, I'm fully aware of this, but I'm not going to build another machine only to just run a router software. I have a perfectly good server capable of handling whatever I throw at it, with two gigabit NICs.

    I'm trying to go about this without spending any sort of money for new hardware, and I'm not trying to repurpose my home server into a router either. I'd rather it serve as a multi-functional device.

Sign In or Register to comment.