Question Own VPN-setup help

[JohnL1995]

Hello guys!

Im going to summarize in few short sentences what exactly I want to achieve and how I want to do it, perhaps someone has better idea/advice .. this would be highly appreciated!

I want to setup my own VPN server with a unique IP adress which is dedicated to me only.
I know that there are multiple companies such as NorthVPN or whatsoever where you can just install the software on your PC, buy a dedicated ip address in a different country for 80 bucks a year and youre good to go.

I do not want to run any of this software on my PC and I dont want a dedicated ip address that belongs to a fixed company.

My plan:

Purchasing a pfSense VPN router and bridging it to my existing Router at home which has internet connection.
Renting a virtual server with a dedicated IP address, installing pfSense software there and then connecting it to my pfSense router at home.

So then I connect my working station via wireless to my pfSense router and obtain my wished ip adress and all this without running a program on my PC.


Am I right with my plan or any one has a better advice on how to achieve the wanting result?
Cost of the setup do not matter to me.

Thanks to any advice.

 

[bill001g]

Pretty standard personal vpn setup but many ways to do it other than with just pfsense.

So is your problem that you don't want software on your PC or you actually have some issue with using a commercial vpn provider.

It might be easier to just replace your router with one that allows you to have a vpn client. Most support openvpn and many also support wiregaurd. These are the 2 most common vpn methods used by commercial vpn.
Generally you would also use one of those two if you used pfsense also.

You could then connect your router to some commercial vpn provider if you find one that meets your requirement . If that is not good enough there are many hosted vpn providers that will rent you a private vpn server Many will even do the basic setup of the virtual serer and you only have to do some of the configuration like setting your passwords/keys.

If you want to use some box/pc as a pfsense server it will mostly work behind your router you might have to setup some port forwarding rules. It tend to be simpler and cheaper to just use a router that has this feature. You can load merlin on many asus routers to get a fairly advanced for of vpn client. The asus factory firmware also has vpn client support it is just not as fancy as the merlin.

 

[JohnL1995]

@bill001g

Thank you for taking time to help me out first of all!

So is your problem that you don't want software on your PC or you actually have some issue with using a commercial vpn provider.
Exactly!

1) Replacing my current router with another router whom I would connect to the server is not an option because the current ISP i have, does not allow to use your own router.
But on the existing router(the one i have from ISP) i can bridge my own router on top and this router can be connected to the server.

2) I would say that its not an option, because im still connecting my own router to the official VPN provider and the IP address i would obtain, even its a dedicated one can still be tracked to the company?
Thats why i want to rent my own server and build my own vpn there if that however makes sense.

3) Yes, i fully understand that i would need to configurate it.

So generally speaking its a good idea to do it in my way, I would just need to rent a server which is capable of running pfsense
Installing the software on the rented server and connecting my bridged pFSense router to the server?

I would require a server which supports FreeBSD, the OS on which pfSense runs on?

Pretty much any virtual server in the country would do the job, is that right? A server that is capable of running pfsense software

 

[bill001g]

Yes if you use a commercial service you run the risk of the IP pools being blacklisted. I have that issue from time to time with my vpn provider. Mostly if the site refuses to let me run from a vpn then they have zero chance of me buying anything from them.

You can do it the way you suggest. Pfsense is more of a firewall but it does also do vpn. Pretty much most linux images have vpn ability. It will be much easier to actually buy a virtual server that is already preconfigured and setup to run a vpn services.
From the sites I was looking at it was cheaper to buy a small vpn server that was setup to run vpn than to buy a generic server. I suspect it is because they feel someone running a vpn is not making money off it where if you were to run a web server you are.
In many cases you run both on port 443. This is commonly done by say someone in china trying to get past the government firewall. Even though it is vpn it appears to be a standard HTTPS session when in reality it is running openvpn.

I decided it was rather expensive most had rather low data caps on them.

 

[Math Geek]

you're concern about a commercial vpn ip being traced back to you is a valid one. however using a virtual service to run your own server has the exact same risk. any company has a block of public ip's they can hand out and they are tied to that company. throw in their logs of who is using what/when and you're back where you started, which is it is easy to connect traffic back to you through your "private" vpn

i run exactly what you are asking about myself. i have a virtual vpn server through a cloud service that i connect to from both home and mobile devices. but i have no doubt that if i were to do anything illegal with it, they know exactly who is using that public ip at what time. it is tied to my account when i am using the server.

don't know your motivation for wanting to do this but you may need to rethink whatever it is you are doing. there is no way to avoid someone knowing what ip you are using since every public ip is linked to someone who will happily hand over any data they have when asked for it. they have no reason to "protect" you and whatever it is you are doing on their service using their registered ip's

 

[JohnL1995]

you're concern about a commercial vpn ip being traced back to you is a valid one. however using a virtual service to run your own server has the exact same risk. any company has a block of public ip's they can hand out and they are tied to that company. throw in their logs of who is using what/when and you're back where you started, which is it is easy to connect traffic back to you through your "private" vpn

i run exactly what you are asking about myself. i have a virtual vpn server through a cloud service that i connect to from both home and mobile devices. but i have no doubt that if i were to do anything illegal with it, they know exactly who is using that public ip at what time. it is tied to my account when i am using the server.

don't know your motivation for wanting to do this but you may need to rethink whatever it is you are doing. there is no way to avoid someone knowing what ip you are using since every public ip is linked to someone who will happily hand over any data they have when asked for it. they have no reason to "protect" you and whatever it is you are doing on their service using their registered ip's

@Math Geek @bill001g

Thank you for your reply.

I absolutely have no intention to do anything illegal, otherwise i would be somewhere else but not on tomshardware! haha

My only concern that i have.. is that i dont want the dedicated IP address i would obtain to be linked to the most popular commercial VPN providers there are out there.. like the first google searches such as NorthVPN, expressvpn or however they are all called.
If i rent a virtual server from a company that is just overally renting virtual servers(none VPN servers), im fine i assume.

Ofcourse the ip address is tracked then to the company that is renting me the server and then it can be traced to the person who owns/rents it.. but im totally fine with it as im not doing anything illegal.



So I guess purchasing an pfSense router and renting a server where i can run FreeBSD on it, is the way to go.

 

[nigelivey]

You do not need PFsense on the VPS, what do you think this achieves? Any linux distro on the VPS would have the VPN server functionality. You can then set up the VPN client on PFsense or any other router distro your end to connect to your VPS. Does your ISP router have a pure "Bridge" or "Modem" mode?

 

[Math Geek]

@Math Geek @bill001g

Thank you for your reply.

I absolutely have no intention to do anything illegal, otherwise i would be somewhere else but not on tomshardware! haha

My only concern that i have.. is that i dont want the dedicated IP address i would obtain to be linked to the most popular commercial VPN providers there are out there.. like the first google searches such as NorthVPN, expressvpn or however they are all called.
If i rent a virtual server from a company that is just overally renting virtual servers(none VPN servers), im fine i assume.

Ofcourse the ip address is tracked then to the company that is renting me the server and then it can be traced to the person who owns/rents it.. but im totally fine with it as im not doing anything illegal.



So I guess purchasing an pfSense router and renting a server where i can run FreeBSD on it, is the way to go.

no problem, so long as you understand what you are actually getting

as i said i run the same thing myself and enjoy being able to fire up my own vpn server whenever i feel like it rather than paying a service to do it for me. do note you do need to look into securing it some as it is open to the web and thus vulnerable to someone attacking it. unlikely really, but it is a possibility.