Is there a route for setting up your own VPN to protect the originating IP of your personal network?
Currently I pay a third-party VPN service around $100/yr. Lately I’ve started to question trusting these services with so much access to my personal network and private info.
Appreciate any guidance and apologies in advance if this is the wrong place for this kind of scenario.
If you are interested in privacy you will ultimately still have to trust some third party even if you set up your “own” VPN.
You will need a server somewhere on the internet. Who will you rent this server from? What ISP are they using? How are you paying for this server (payment info can give away your identity)?
Theoretically yes, but probably not. A VPN simply connects two (or more) networks together. You can use a personal VPN to connect to your network from outside, or to connect to another network you have access to. A “privacy” VPN simply allows you to connect to a third party network in an effort to mask your original network. Most will charge you a fee for this access. You can do this yourself if you have access to an outside network that is willing and able to mask your information, but that’s usually not available to the average user.
For example, personally I have a full-time VPN connection between my home network and my parents’ home network. I could run all of my data through their network and it would appear that I’m on their network instead of mine. Ultimately that isn’t very much added privacy and that’s not the reason I have that link.
You can set up a VPN at home and make your mobile stuff connect to it on Wi-Fi for security. To get a third-party IP you will have to connect to a third party and pay.
You can definitely run your own VPN off of any internet-connected computer you have access to. I run one off of an AWS Lightsail VM using WireGuard. Costs $3.50/month.
The use of any VPN will hide your local IP from the recipients of your traffic, and your traffic metadata from the operator of your local network and their ISP. However, whoever operates the network your VPN uses and their ISP will have your metadata.
I don’t know where this half-truth VPN privacy thing comes from. The privacy is only for the data you transfer between the VPN endpoints not outside of it.
That is definitely a useful scenario to keep in mind.
Are there other technologies that might be good to look into besides VPNs? That’s the limit of my exposure to available options for protecting your network info.
Is there a service that provides IPs for use with your personal VPN (potentially hosted outside your local network)? Or are you essentially now just putting yourself in the same situation as trusting a VPN service?
I like the sound of your AWS setup. As far as the last leg you mention about the network your VPN resides on having your metadata; is there no way to protect or obfuscate your personal metadata? I’m guessing at that stage it would depend a lot on the available payment methods for the service.
I run a pfSense firewall at both locations and use OpenVPN for this link. There are plenty of “How To” walkthroughs online. Just search for “VPN tunnel”.
Ultimately you simply set up a VPN server at one end to host the tunnel, and a VPN client at the other to connect to the host. Once that connection is established, it remains connected until manually disconnected. This allows me to ping/access devices in their network and vice versa. As noted earlier, I don’t try to force data through one router or another. Both networks are standalone and simply have this VPN connection as an add-on.
You just have to have a different address range at each location. For example, you can’t have both locations use the 192.168.1.0/24 scheme. One can use 192.168.1.0/24 and the other might use 192.168.50.0/24.
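The address-range requirement from the post above, as an added example that is not part of the original thread: a check that flags overlapping ranges before a site-to-site tunnel is configured and proposes a free /24. The function names, site labels and the 10.8.0.0/24 tunnel subnet are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations


def find_conflicts(sites):
    """Return (name_a, name_b) pairs whose address ranges overlap.

    `sites` maps a label to a CIDR string. Overlap covers identical ranges
    and the less obvious case where one range contains the other.
    """
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    return [
        (a, b)
        for (a, net_a), (b, net_b) in combinations(nets.items(), 2)
        if net_a.overlaps(net_b)
    ]


def suggest_free_subnet(sites, pool="192.168.0.0/16", prefix=24):
    """Return the first /prefix subnet in `pool` that clashes with no site."""
    used = [ipaddress.ip_network(cidr) for cidr in sites.values()]
    for candidate in ipaddress.ip_network(pool).subnets(new_prefix=prefix):
        if not any(candidate.overlaps(u) for u in used):
            return str(candidate)
    return None  # pool exhausted


if __name__ == "__main__":
    # Constructed sample: both LANs left on the same range.
    broken = {
        "home": "192.168.1.0/24",
        "parents": "192.168.1.0/24",
        "tunnel": "10.8.0.0/24",  # assumed tunnel subnet
    }
    print("conflicts:", find_conflicts(broken))
    print("renumber one site to:", suggest_free_subnet(broken))

    # The layout from the post: distinct ranges at each end.
    fixed = dict(broken, parents="192.168.50.0/24")
    print("conflicts after renumbering:", find_conflicts(fixed))
```

A range such as 192.168.0.0/16 at one site also conflicts with 192.168.50.0/24 at the other, even though the two strings look different, which is why the check compares networks rather than text.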
There’s not really any way to hide your metadata from the VPN network operator. There are a couple other options that could improve the privacy situation.
If you trust the VPN provider not to keep logs, then even though they could spy on you, they aren’t, and without logs they can’t tell anyone after the fact. There are a number of VPN providers who claim not to keep logs, though I think at least some have turned out to be lying.
If you don’t trust the VPN provider, you can chain two VPNs on two different providers together and if you pay for the second one anonymously, then the first one knows who you are and that you send traffic to the second provider, but doesn’t know anything about the destinations of your traffic (still knows times and amounts), and the second knows where your traffic goes, but doesn’t know who you are. A government could possibly work backwards to figure it out, but no single private sector entity would know what you’re up to.
I think Tor is also supposed to be able to help with the situation, but my understanding is it’s pretty slow so would be annoying for general web use.