It occurs to me that the benefits of using the FW VPN with mobile devices have been discussed often. But I don’t recall seeing any mention of using the same for a device on the LAN. What, if any, benefits are there for such devices?
If you mean running VPN inside the same network where the server is at, then the only benefit is you don’t trust the LAN, which is very rare.
If you are talking about connecting back home to Firewalla through VPN, then doing it off the LAN would only act as a loopback, since you’re already on the LAN. For mobile devices or devices on public networks, that helps prevent man-in-the-middle attacks on a network you don’t control. The only thing I can think of is if you don’t trust the devices on your own network.
If you’re talking about the Firewalla VPN client, where the Firewalla connects to another VPN server and routes the traffic that way, then yes, there would be usefulness for clients on the LAN.
Thanks. That’s pretty much what I thought.
I was pretty sure that if there was a major advantage, someone would have posted it on the internet. Thanks for your input.
A VPN server is for you to connect from outside to your home. If you are already at home using the home LAN, there is actually no need to connect to home again. Perhaps you may research VPNs further.
A VPN by most definitions provides 2 major services: providing a secure tunnel to what your device is connecting to, and hiding its location. Firewalla clearly states it won’t conceal its location, but then says it won’t hide you from your ISP. That’s a bit vague. It raises a question as to whether the Firewalla VPN server provides either of the services traditionally provided by VPNs (except showing your mobile devices at your home location).
This is why a VPN at home is not the same as a third-party VPN. It will only make you appear to be originating the traffic at home. So it is useful if you don’t want other users of a free wifi (e.g. in a cafe) to know what you are doing, but the site you are contacting can still trace your home IP.
EDIT: Your definition of VPN is actually not absolute. A secure tunnel has its end point; afterward it is still public. With a third-party VPN the exit point is shared by many people, so it is difficult to identify which connection is from you. Therefore hiding location is about hiding from whom. Even with a third-party VPN, the provider still knows your IP. Just that they claim they are not disclosing it. A VPN server is simply equivalent to you being the third-party VPN provider.
I grabbed the following quote from Wikipedia.
“A virtual private network (VPN) is a mechanism for creating a secure connection between a computing device and a computer network, or between two networks, using an insecure communication medium such as the public Internet.”
If that is true, wouldn’t proxy server be more accurate than VPN server in this case? Here’s an example. My cell phone utilizes Firewalla’s VPN server and either WireGuard or OpenVPN. When I’m away from my home location, using my cell carrier’s network, everything goes through FW, so one of the criteria of a VPN exists, but when I return to that location and the phone connects to my LAN Wi-Fi, neither the secure tunnel, nor the relocation exist. So is it a VPN or proxy server?
“but when I return to that location and the phone connects to my LAN Wi-Fi, neither the secure tunnel, nor the relocation exist”
The tunnel exists. But it is just like digging a tunnel from this corner in your home to another corner in your home. You are still in your home, so it brings you no additional security or obscurity. That’s why I’d say the tunnel exists but is not serving any practical purpose.
Your final two sentences provided an excellent description.