I have a Synology NAS at home that I set up a VPN on. I connect to it in iOS and I can access internal network resources just like I’m at home. It’s L2TP, I log into it with my Synology account and there was a “Secret” phrase I had to define.
I’m at a hotel with open WiFi (no password) that doesn’t even have one of those landing pages. If I browse on it while connected to my Synology VPN, is my traffic safe from being viewed by others? My assumption was that it would encrypt all my traffic between my device and my house (such that the hotel or its guests have no idea what I’m doing) but I’m not sure if I’m set up correctly for that.
As stated before, it depends if your traffic is “routing” via your home connection or if the VPN tunnel is only to get to local resources.
I use Tailscale and when I connect to my locally hosted VPN server my home network becomes my exit to the internet which means I’m safe when using external connections.
Just about everything on the Internet these days is already encrypted. Companies trying to sell you a VPN product to “protect your browsing” are doing just that: trying to sell you a product. Even on public Wi-Fi, no one can snoop your passwords or hack your myspace because it’s not the early 2000s. Https is everywhere now, and most browsers will try their damnedest to prevent you from making a non-encrypted connection, even if you wanted to.
Your assumption is generally correct, though: running a VPN yourself, you’re creating an encrypted connection between your device and the rest of your private network. This is great because it means you can have secure remote access to your network without exposing other services. A VPN is a powerful tool to keep your private network secure, but it does not necessarily offer any security benefits to your normal web browsing.
All VPNs use some form of encryption to hide your true location.
The best way to think about it is as a shipping analogy;
Basically think of it that you send a padlocked box to your VPN (in this case your home) with as slip inside that has the final address on it so no one will know its contents or true destination
On arrival, the VPN use their key to unlock and re-package it into a normal box and send it to it’s true destination with it’s address as a return.
When the VPN gets a return package it will put it back into the locked box and send it back to you for you to open with your key.
Between you and your VPN the data will always be encrypted between you two - the only information someone can gather is your location and the VPN location. Once it is repackaged by your VPN, the data can be gathered by some other people.
If the website uses HTTPS, then the second box is also a locked box, just with a different key)
The benefit of using a VPN in this scenario, is if someone is trying to do a man-in-the-middle attack, they wont be able to pretend to be the final destination as they can’t unlock the VPN box and either they let it through and the VPN will forward the final box to the right destination, not the bad actor, or the connection will be blocked altogether,
Go to Google and type what is my IP… see if it is your home IP or hotel… If it is home IP, all traffic is likely routed through your home connection encrypted to your home…
Well actually technically on its own L2TP doesn’t encrypt, and could be intercepted and pieced back together but would still be disguised as to the true destination of the data.
But it is almost certainly L2TP over IPSec especially as you said there was a “secret” box to fill out.
Personally I just use tailscale as it’s super easy use.