TechLife Australia

VPN-ing your router

How to use a VPN all the time, for everything, according to Nathan Taylor.

-

As our own government doubles down on spying on its citizens and criminals get better at intercepti­ng our communicat­ions, you may be thinking it’s a good time to use a VPN for pretty much everything. It’s not a bad idea, and it’s entirely possible to set your router up to connect to the VPN so that every device in your home that connects through that router is effectivel­y using the VPN. That includes your PCs, your mobiles, even your game consoles and smart TVs.

Not every router model from every vendor supports this, however. Especially if you have an older router, or are still on ADSL and haven’t been moved to the NBN yet, it may not support it. Most current models of router, though, do have the ability to directly connect to a VPN. Which protocols they support will vary, however.

There are four major protocols used by commercial VPN services: L2TP, PPTP, SSTP and OpenVPN. You’ll have to check with your

VPN provider to find out which it uses.

Most commercial consumer routers now support PPTP and possibly L2TP connection­s. SSTP and OpenVPN support is rarer, found typically only in custom third-party firmwares and a very few commercial firmwares (Asus firmware being notable for its VPN support). That can be an issue with some VPN providers; some providers such as NordVPN have discontinu­ed PPTP and L2TP support, citing security vulnerabil­ities. That means that it only supports OpenVPN and SSTP, which locks quite a few routers out. Looking at the vendors:

- Linksys, TP-Link, D-Link and Netgear commonly support L2TP and PPTP but not OpenVPN or SSTP.

- Asus and DrayTek do commonly support OpenVPN.

As a practical matter, any of the protocols should work fine. PPTP is fast and the easiest to set up, but is the least secure. L2TP is more secure, but slightly slower; OpenVPN is both secure and fast, but can be challengin­g to set up; SSTP is also fast and secure, but technical and rarely supported.

Regardless of which protocol you’re using, you’ll have to head to your VPN provider’s website to get the details. If they support PPTP or L2TP, what you’ll need from your router provider is this:

- The protocol they’re using.

- A username and password. This will often be your VPN account username and password, but in some instances (eg. with SurfShark or ExpressVPN) they might have a distinct username and password specifical­ly for PPTP/L2TP connection­s, which you’ll find in your account details on the VPN provider’s website.

- A server IP address. Note that

this is the specific IP address of the VPN server that you’ll be using. Unlike a desktop app, you can’t just flip between VPN server locations easily on your router – you have to pick one and stick to it (since changing it will require you go into the router settings manually). For that reason, it’s best to pick a server near you to get best performanc­e, unless you’re specifical­ly using the service to bypass content geoblocks (such as Netflix or Hulu).

Note that on the last point, many providers do not list their servers by IP address. If you go to their server list and they just list them by URLs (eg. sydney1. vpnprovide­r. com), don’t worry. You can either go to a Command (type cmd in the search bar) line and type ping URL, where URL is the address of the server, to get the IP; or you can go to a site like www.hcidata.info/ host2ip.cgi and enter the URL of the server to translate it into an IP address.

Once you have those details, og into your router administra­tion and the rest should be easy. For most models (Linksys, D-Link, TP-Link and Netgear), you simply configure it on the Internet Connection/Connectivi­ty page. Where you get to choose from the internet connection type, choose L2TP or PPTP, then enter the details above.

If there’s a dynamic IP option,

you’ll generally select it since most providers will give you a dynamic IP address. You may also have to enter a DNS on the router. The DNS setting is typically on the same page (possibly hidden in advanced settings). We recommend entering 8.8.8.8 and 8.8.4.4 in the DNS settings for the router (these are the addresses of Google’s DNS servers). Finally, Max idle time, if it’s an option, should be set to 0 (meaning that the connection never times out).

Once that’s done and saved, your router should now connect to the L2TP or PPTP VPN automatica­lly, and every device on your local network – wired or wireless – should connect through it.

Now, if your VPN provider uses OpenVPN, then the process will be much more complicate­d. You’ll likely have to go through their help system to get a step-by-step on setting it up on your specific router model. For some models, like Asus, they may provide a quick configurat­ion file that you can upload to your router; for other router models you’ll have to paste in huge blocks of encryption key informatio­n. It isn’t fun, but in the end you’ll have a fast and secure VPN for it.

But my router doesn’t support the VPN protocol I need!

Despair not, for third party router firmware is here to help. While many commercial router firmwares do not support OpenVPN, for instance, it should be possible to install a third-party firmware such as DD-WRT ( dd-wrt.com) or Tomato ( advancedto­mato.com) on your router which will.

Installing these replaces your router’s current software with an entirely new operating system, very often much more capable than the commercial one. As a rule, doing so is much less painful than it once was. Most of the time, you can just use the ‘upgrade firmware’ option in the existing router settings and upload the new firmware to the router. That said, you should absolutely 100% check out the guide on the DD-WRT or Tomato website for your particular router model. There are often quirks and weirdness you have to account for when upgrading the firmware, and if you don’t you may brick your router.

We should also note here that a few VPN providers – notably ExpressVPN ( expressvpn.com) and VyprVPN ( vyprvpn.com) – actually provide their own, custom firmware that you install on your router. Not every model of router is supported, but these custom firmwares have a huge advantage over generic firmwares: the ability to switch VPN locations easily.

After installing the ExpressVPN firmware or VyprVPN firmware on your router, you can then easily switch VPN servers. No need to go deep into the router settings and try to figure out the IP address of the relevant server – just open the app and select your location. The app will talk to your router and update the connection to the correct server. This is ideal if you’re using a VPN to bypass content geoblocks and need to change your apparent location frequently.

Whichever way you go, you’ll have the peace of mind that you’ll always be connected to a VPN, bypassing all spying on your activity and ensuring your connection­s are as secure as possible.

?? ?? Changing the connection type to L2TP on a Linksys router.
Changing the connection type to L2TP on a Linksys router.
?? ?? Above: Newer D-Link routers support PPTP and L2TP connection­s. As do Linksys, TP-Link and Netgear routers.
Above: Newer D-Link routers support PPTP and L2TP connection­s. As do Linksys, TP-Link and Netgear routers.
?? ?? Left: Asus is a standout, supporting OpenVPN as well.
Left: Asus is a standout, supporting OpenVPN as well.
?? ?? DD-WRT supports OpenVPN connection­s as well as PPTP and L2TP. As with Asus, VPN setup is distinct from general internet connection setup, and found in a different part of the administra­tion interface.
DD-WRT supports OpenVPN connection­s as well as PPTP and L2TP. As with Asus, VPN setup is distinct from general internet connection setup, and found in a different part of the administra­tion interface.
?? ?? A PPTP setup on a TP-Link router.
A PPTP setup on a TP-Link router.
?? ?? ExpressVPN offers its own custom router firmware that makes it easier to switch locations.
ExpressVPN offers its own custom router firmware that makes it easier to switch locations.

Newspapers in English

Newspapers from Australia