OpenVPN Support Forum

This might not be the best place to ask this, but I don't know where else...

You know how there's a open media player (Kodi), and there's a open media vault (aka network disk server)? With the recent change in the rules allowing ISP's to sell all your connection information, I think there's a need for a whole house VPN system. It would sit between your Wifi router and your internet access point and thus allow you to have one VPN connection that your whole house was behind.

Yes, each of my individual PC's can make a VPN connection, but I also have a couple Amazon Echos, several smart house devices, etc - none of which are capable of a VPN connection - all of their data I'm just as concerned about as my PCs.

I think the pieces necessary are available, some enterprising person needs to stitch them together with a user interface so as to make an "appliance." Minimally, if someone had a "howto" doc and could offer guidelines about how much of a system was needed to make this appliance....

I think there's a need, if not right now, soon.
Larry

Put pfSense at your frontdoor...

Does not really achieve much, except to move the clear text data to some other entity ..

LarryM04 wrote: With the recent change in the rules allowing ISP's to sell all your connection information ...

Always follow the Money to find out who is ripping off your data.

Perhaps all clear text protocols should be out-right banned on the internet.

Yeah, I know but can make it harder.
People looking for privacy but are not/not fully aware of their own inet behaviour.
It`s pretty difficult if not impossible to be "invi(n)sible", certainly so if one is not an highly educated networking specialist...
AFAIU, VPN actually is not meant for privacy but for securing communication between endpoints.

.....So maybe all endpoints should be running OpenVPN

Thanks! I'm not exactly sure that's the product, it sounds a lot more than just a VPN connector. Read their site and dropped them an email.

Larry

Sure all my traffic comes out the other side of the VPN server clear, but if I understand correctly, there's nothing in the data to tie it back to ME. Sure someone can see that somebody's light switch got sent an "ON" command, but they can't see that it came from MY house.

Plus, if nothing else, it makes my connection to my ISP completely useless as far as "sellable" data.

It`s a matter of trust, doesn`t matter who....but yes, ISP won`t see what you`re doing if configured correct.

LarryM04 wrote:Sure all my traffic comes out the other side of the VPN server clear, but if I understand correctly, there's nothing in the data to tie it back to ME.

So wrong ! .. eg cookies. (and the list goes on)

Maybe you want TOR .. which also has the same flaws.

Re your Request: Whole House VPN
This is already completely achievable with openvpn, as it stands.

Achievable perhaps, but its lacking a couple things from my perspective - a way to tie it together and appropriate hardware. And by appropriate hardware I mean being able to figure out how big a box it would take to provide reasonable service for me. Could I use one of my Raspberry Pi's? I don't think so, but then what is enough? Like the last paragraph of my original post says, maybe someone could minimally write a "how-to" doc and some sizing guidlelines. Or an enterprising person could make a plug-in appliance - supply your vendors connection info and go.

I did first turn in the suggestion of adding this to my wifi router's manufacturer (Netgear). The Orbi that I have already has an VPN server, but not client software. I didn't think it would be all that big a deal to add it, but the thought is the SoC in the Orbi doesn't have enough horsepower to do a house full of VPN traffic.

Oh, and I may be wrong, but I'm pretty sure my smart switches aren't using any cookies. Neither is Alexa, nor my DirecTV rcvrs, etc.

Simple Linux server .. and some skill.

Don't be a wannabee any more ..

You can always offer me a contract.

pf sense is definitely the best solution for this.

I would say pfSense is an overkill solution .. OpenWRT is sufficient.

I would also agree with this, OpenWRT is pretty sufficient.

Just OpenWRT should be more than enough.