Configure a dedicated router so that all Internet traffic goes through your VPN service
In this test we are going to configure an independent router at home, in which we will guarantee that only the traffic to the internet goes through VPN.
Looking for gigabit ethernet hardware, with wireless and constant upgrades, we experimented with a MikroTik hAP ac2 device.
There are many more devices with RouterOS and also the possibility to virtualize RouterOS on a computer with several network interfaces. You can also do it with openWRT without any problem, but not on this model.
About the VPN service compatible with Wireguard, say that there are many, in this example we are going to do it with Mullvad, there are many other services that I have not tested like iVPN, lnvpn.net that are also compatible.
Requirements por this test:
MikroTik router / RouterOS installed Mullvad VPN service or another
#Advantages:
-Wired and wireless network with output to the internet via VPN.
-Being able to have several devices connected with the same VPN account.
-Low cost and consumption.
-Improve the performance and stability of the VPN connection, avoid problems with kill-switch, leaks in the internet traffic, etc. .......
Remember that this example is for having a second router, but there are many more configuration options!
#Getting Started:
The first thing to do is to access the Mullvad VPN service platform and download the configuration files for wireguard. Example:
Download the configuration file from: https://github.com/modoBitcoin/mikrotik/blob/main/hap_ac2-wireguard.rsc
Open the file with a text editor and configure the variables. https://imgprxy.stacker.news/2fFq5bJ8SYIN3S2rtVWoL_x0YC_ukw0u4-3k3kUK8_g/rs:fit:600:500:0/g:no/aHR0cHM6Ly9naXRodWIuY29tL21vZG9CaXRjb2luL21pa3JvdGlrL3Jhdy9tYWluL3ZhcmlhYmxlcy5wbmc
We can save it as 'configuration.rsc' to load it later.
Access the router through WinBox and upgrade to RouterOS 7 if it is not already installed. Once inside, we reset the router without any default configuration in System - Reset Configuration:
The router will reboot and boot without any factory settings.
Go to Winbox, Files and upload the file with the Upload button. Access Winbox TERMINAL and type the following command:
/import file=configuration.rsc
Once imported we would already be connected.
*Important to have the ethernet1 port connected to our router.
We can connect via WiFi to our new router, or even to ports 2,3,4 and 5. This is a very basic configuration, from here you can do much more.
Enjoy it!
Speed tests...
It all depends on your connection, your VPN service, the distance, etc... But it is not bad to get about 300Mbps symmetrical in almost any location, even much more. The advantage of being able to connect several mobile devices to a new wifi network with VPN is very convenient.
https://imgprxy.stacker.news/tN04xoxIgoQ7Y2NxoFP2eCTo-pnWHnLIJPO1QFOABy8/rs:fit:600:500:0/g:no/aHR0cHM6Ly9naXRodWIuY29tL21vZG9CaXRjb2luL21pa3JvdGlrL2Jsb2IvbWFpbi9iYW5kd2lkdGhfd2lyZWd1YXJkLnBuZz9yYXc9dHJ1ZQ
Bookmarked and added to ToDo-list, thanks.
Second that!
https://imgprxy.stacker.news/e3Ktj68ESbzMv3qbJsM0r0b20i7uDL6XizCV6jbFK50/rs:fit:600:500:0/g:no/aHR0cHM6Ly9pLnBvc3RpbWcuY2MvdENHNXE0Q1MvdmFkZXItZm9yY2UtaXMtc3Ryb25nLmpwZw
Thanks a lot.Thanks a lot.
I have a few questions:
1. Does this still require the main ISP Router to work? 2. Is MikroTik recommended, or can I use other routers like Xiaomi? 3. What is the watt consumption? 4. If I use Proton VPN, how can I easily change to a different country or make other configurations easily?
Thanks a lot. I have a few questions:
Thanks ;)
Not worth for me. Having an extra router (which can cost a lot to buy), plus 21 W is quite high for a device that will be running 24/7/365. I have ProtonVPN premium, but i don't see how can i easily change VPN configurations with no Proton VPN app UI.
Regarding the consumption you have equipment that works with 5V, which even allows you to have a great portable tool, even with LTE modules.
In order not to increase the consumption you could change it for your current router (I do not know which one it is) choosing the hardware that suits you best.
Some devices can also lower the processor frequency to lower their consumption in a very easy way.
About the VPN service try to contact support because I do not know if it is possible to manually configure your service with wireguard.
Thank you very much.
deleted by author
yes proton vpn please
Maybe this will help you: https://protonvpn.com/support/wireguard-configurations/
https://imgprxy.stacker.news/CfJVa-Cd3z3se4k0kdXpgNmPRDVmFZQIsyC2OTgkkbA/rs:fit:600:500:0/g:no/aHR0cHM6Ly9wcm90b252cG4uY29tL3N1cHBvcnQvd3AtY29udGVudC91cGxvYWRzLzIwMjIvMDQvd2lyZWd1YXJkLWNvbmZpZ3MtMi0xLnBuZw
I think it is necessary to have a Premium account. In the link there is a WireGuard configuration with the necessary data to be able to import by changing the variables that I put in the script.
Any doubt you tell me!
Invizbox router is miles away easier to setup for Proton VPN.
Excellent! So many new things to learnt
Privacy 🔏 and security of your browsing experience at its best
GL-iNet routers are also great for this, even easier to set up.
They support Mullvad out the box (as well as custom Wireguard and OpenVPN configs).
If I'm not mistaken you can also install openwrt on those devices, I don't know if they come with other custom firmware out of the box. About the type of VPN, wireguard is much faster and easier to configure than OpenVPN, but yes, both are good ;)
The idea is that each user takes his necessary hardware and installs a suitable OS that allows many configurations and upgrades and personally I think there is more variety in MikroTik than in GL.inet:
https://mikrotik.com/products https://store-eu.gl-inet.com/en-jp/collections
I would very much like to do more testing with other hardware.
We continue to contribute ;)
Great info! 👏 👏 👏