Always-on VPN through router?

Hi, anyone here who has set up an always-on VPN through their router? (pfSense, OpenWrt, etc…)

Thanks!

TP-Link has a built-in VPN protocol in their firmware for some of their newer routers. Easy to set up.

I’ve got all 5 slots set up on pfSense. I’ve got a couple of UK servers in a group, a couple of USA servers in a group and then a Canada server on its own. I’ve also got all 5 in a group. Different countries are for different devices. The groups are so that if one of the servers goes offline / loses connection etc. it just fails over to the next server in the group.

I have always-on-VPN on my GL-AX1800 router 24/7, and it works very well.

DD-WRT on an older one I had lying around. It worked well. The router was absolute crap though. D-Link. Required a restart once every 48 hours… seemed like the wireless radios would crash.

It did this bone stock though. I thought DD-WRT might fix it but it didn’t…

Now I just use Mullvad locally. Too much of a pain to do it on my current (otherwise decent) Netgear, especially since the VPN is only used when I torrent.

I have WireGuard tunnels set up on OPNsense and it works great. WireGuard is about 20 times faster throughput than OpenVPN was. I set up firewall rules and aliases to only use the VPN to certain destinations, or tunnel everything from certain computers. I don’t feel I need to tunnel everything all the time, but there are certain machines on my network I want always going over VPN. I use floating rules and LAN rules, which might be overkill but I am paranoid :). If the VPN tunnel drops, a firewall rule blocks outbound traffic so there are no leaks.
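Added example, not part of the post above and not OPNsense's own code: a simplified first-match rule model showing why the block rule after the policy-route rule is what stops leaks when the tunnel drops. The addresses, the `WG_VPN` gateway name and the "skip a rule whose gateway is down" behaviour are assumptions made for illustration.

```python
# Simplified first-match rule model (an assumption for illustration; not
# OPNsense's actual rule engine). All addresses and names are constructed.
from ipaddress import ip_address, ip_network

VPN_HOSTS = ip_network("192.168.1.64/28")   # alias: machines that must use the VPN

def build_rules(kill_switch):
    """Ordered LAN rules; the first rule that matches a packet decides."""
    rules = [
        # Policy route: VPN_HOSTS leave through the tunnel gateway.
        {"src": VPN_HOSTS, "action": "pass", "gateway": "WG_VPN"},
    ]
    if kill_switch:
        # Same source, no gateway: reached only if the rule above did not match.
        rules.append({"src": VPN_HOSTS, "action": "block", "gateway": None})
    # Default allow for the whole LAN via the normal WAN route.
    rules.append({"src": ip_network("192.168.1.0/24"), "action": "pass", "gateway": "WAN"})
    return rules

def evaluate(rules, src, gateways_up):
    """Return the egress gateway name, or 'DROP'."""
    for rule in rules:
        if ip_address(src) not in rule["src"]:
            continue
        gw = rule["gateway"]
        # Modelled behaviour: a policy rule whose gateway is down is skipped.
        if gw is not None and gw not in gateways_up:
            continue
        return gw if rule["action"] == "pass" else "DROP"
    return "DROP"  # implicit default deny

def leak_report(kill_switch):
    """Egress for a VPN-only host and a normal host, tunnel up and down."""
    rules = build_rules(kill_switch)
    report = {}
    for state, up in (("tunnel_up", {"WAN", "WG_VPN"}), ("tunnel_down", {"WAN"})):
        report[state] = {
            "vpn_host": evaluate(rules, "192.168.1.70", up),
            "normal_host": evaluate(rules, "192.168.1.20", up),
        }
    return report

if __name__ == "__main__":
    for ks in (False, True):
        print("kill switch" if ks else "no kill switch", leak_report(ks))
```

Without the block rule, the VPN-only host falls through to the default allow rule and exits via WAN when the tunnel is down; with it, that traffic is dropped while other LAN hosts are unaffected.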

Many ASUS routers now support WireGuard and OpenVPN out-of-the-box, but I use Asuswrt-Merlin firmware which adds some extra functionality like VPN Director (awesome feature) and others.

https://www.asuswrt-merlin.net

Have mine set up with OpenWrt; how to do it is in the OpenWrt documentation. No residential or even (small) business use needs to worry about load balancing.

Unifi OS 3.0 machines, UDM-SE and Dream Router.

Thanks for your response.
Is that what you are running?

I was interested to hear from folks who have more involved/custom setups, possibly with load-balancing.

That’s heaven on a pfSense box. Any tips on how to get this failover to work? I’d love that.

Thanks!

What’s your DNS “situation”?

I have Mullvad set up via WireGuard on GL-AX1800 as well. I use policies to determine which computers utilize the VPN connection. It’s been about 6 months and works great. Very reliable and consistently fast.

Same router and same config!!

Out of curiosity, do you run into broken sites because they’ve blacklisted the servers you’re connected to? I’ve always wondered how to get around that if it’s an issue when setting up a VPN on the router vs. individual devices.

I recently switched from OpenVPN to WireGuard. It’s life-changing! 🙂

What’s your DNS setup like?

I really need to switch to WireGuard. What guides for OPNsense did you use to set it up?

What a quality guide! Thanks for sharing