I’m considering setting up a home VPN, but I can’t find information on whether it’s really that necessary. Specifically, I’m wondering if it is beneficial for finances and general privacy. Do you have a VPN? Do you recommend the average Joe set up a VPN?
Also, I’ve read that it slows internet speed? Is this true? I work from home and don’t want my connection to slow too much.
Two ways to setup a VPN…
1 - a tunnel home. You’re at a hotel and want to encrypt your outbound data and access the home network.
2 - a tunnel away from home. This blocks the ISP from seeing where you’re surfing or what you’re downloading. This also stops Hollywood from knowing your home ip.
Neither of these will stop your browser from cookies, ads, tracking… especially if you are signing into accounts on remote sites!! Also, logging into your bank directly or thru a VPN is the exact same security wise…. The encryption the bank uses is plenty secure and once your packets leave your remote VPN server they are the web exactly like when they would leave your home.
Like /u/mgithens1 mentioned, VPNs can be set up in either direction for different purposes.
I use a commercial VPN service to primarily bypass geoblocks for video streaming services. I also (rarely) use it to route data when I need to pirate something and don’t want my info being traced back to my IP address.
Then for the other VPN, it’s for remotely accessing my own home network when I’m away. For that I use Tailscale, and it allows me to have my home network pretty well locked down (Plex is the only thing visible on my IP address), but I’m able to remotely log in to it from another location, usually my phone or work. Works great for accessing my data, but also things like screen sharing so I can assist my wife with any tech issues when I’m not at home.
Both of these services are only activated when I want them on, otherwise I leave them off, so no slowdowns.
Marketing ploys by VPN providers have vastly oversold what they are actually good for. It’s basically like having a P.O. Box that you mail things from rather than your residence.
Fact:
-
Mask your IP from sites you visit
-
Hide your browsing history from your ISP (this one is only kind of a maybe, as they could possibly see your DNS lookups to get an idea)
-
Makes it harder for the MPAA to link your actual name/IP to the computer you’re using to torrent movies
-
Get around geoblocks for streaming services (though they are starting to detect these and block them)
-
It can slow your internet speed, but it depending on where the VPN connects to and the service you choose
Fiction:
-
Protects your “finances”
-
Protects you from virus/malware, phishing, identity thieves, ads, tracking cookies
-
Completely anonymized you online, any website that you log into, still knows it’s you
Most people that have a VPN, either set it up for a specific server/docker that is doing a specific task like torrenting, or have it on their main computer but only turn it on at certain times. Unless you are really paranoid and really misunderstand how VPNs work, no one needs to have their entire network on a VPN.
I have a WireGuard VPN set up to remotely connect to my home network from my phone/laptop.
On the clients I have allowed-ips: 192.168.1.0/24
, so only traffic aimed at my home network goes through the VPN and everything else just gets routed normally
I’m considering setting up a home VPN, but I can’t find information on whether it’s really that necessary. Specifically, I’m wondering if it is beneficial for finances and general privacy. Do you have a VPN? Do you recommend the average Joe set up a VPN?
The point of a VPN is to tunnel into a remote network. That’s its only purpose.
If you want to be able to access services you host in your home network like media servers, file servers, custom DNS servers or the like from outside of your own four walls you need a VPN connection. You cannot really achieve that securely without self-hosting some kind of VPN server at home.
Also, I’ve read that it slows internet speed? Is this true? I work from home and don’t want my connection to slow too much.
You’re not going to connect to your own VPN server while you’re at home. There’s not need, you’re already in your own network.
Specifically, I’m wondering if it is beneficial for finances and general privacy.
No, the opposite.
Unless it’s offered by a comapny you’re ALREADY trusting with your data, you’re just voluntarily sending your secure data to someone elses computer. Your ISP will be bound by your local laws, a foreign VPN will not.
Do you have a VPN?
Yes, both an outgoing and incoming one. I use them both a couple of times a month.
Do you recommend the average Joe set up a VPN?
Only for inbound connections, outbound connections are safer through your ISP.
Also, I’ve read that it slows internet speed? Is this true?
Outbound? Typically, yes. Inbound, not much, especially if it’s a wireguard VPN you’re hosting.
Necessary. No.
Convenient. Yes.
It all depends on your use case. I use the VPN to access my home network. I can use my Plex server without having to expose it to the internet. Or admire my monitoring dashboard.
Also it allows me to surf the internet (more) securely and private in public Wi-Fi’s such as Hotel or McDonals WiFi. Which are open and used by who knows.
The las point can also be done by using VPN providers like the ones YouTubers make ads for.
Here you always have to see who do you trust more your ISP or some random VPN provider.
Also benefit of my home network access is I use my PiHole as DNS server and advlocker while out of my home.
To the speed. While connected to your VPN you might have a speed impact as you have some traffic overhead. But if you are using WireGuard the overhead is quite small and you almost don’t recognize any significant speed loss. The limiting factor is just the upload and download speeds of your home network and the WiFi connected to.
When you are at home you won’t connect to your VPN so here you have full speed of your network connection.
VPN is a tool, whos use depends upon the situation and its configuration. On an unrelated side note, VPN tunnels don’t have to be encrypted (though no one should dare to run an unencrypted tunnel unless the situation calls for it). Have you considered options like Cloudflare tunnel, or perhaps a proxy? Just checking to see if VPN is the best option for you.
Considering how little it cost to have a VPN, it’s well worth it for that extra layer of encrypted security it gives you.
Also, logging into your bank directly or thru a VPN is the exact same security wise
Note that some banks will require require 2FA when on VPN even on a desktop as it looks like you are coming from a different place that they may not recognize you from. Any time I open my bank on VPN from my desktop it requires it even though it doesn’t when not on VPN.
Which VPN service did you choose? Any tips for replicating a system like yours?
Protects you from virus/malware, phishing, identity thieves, ads, tracking cookies
I know it’s not strictly “the VPN” that protects you but rather a service offered by the same company that hosts the VPN, however since it’s part of the package I feel it’s worth pointing out that some VPN services do protect against ads (and as a result helps prevent viruses/malware, phishing attempts, identity theft, etc you get from clicking the ads) if you use their ad-blocking DNS servers
You cannot really achieve that securely without self-hosting some kind of VPN server at home.
Zero Trust networks. Something like Cloudflare Tunnel + Access. Works like a VPN, no public IP address, but it is not a VPN as you do not need a client to access it.
Can outbound and inbound be setup on the same device and be active at the same time? Use case would be that someone at home will use the outbound one for browsing while I can access the inbound one to get access to my local system
Would you by any chance have resources on how to set all that up just like you did?
I use PIA not because it’s anything special but I have like a 3 year deal with them.
I route all my piracy docker containers through binhex’s deluge VPN container. https://hub.docker.com/r/binhex/arch-delugevpn/
As for the other direction, it’s easy enough to set up Tailscale on various devices.
Yes, as one is a client program, and one is a server program.
Sure.
The VPN protocol I use;
The rest is networking 101 basically