Question VPN wireless need set up instructions...

[pen101]

I am on a cable provided ISP, currently using a netgear N900 wndr4500 V3 and paid subscription for vpn. The data base for dd-wrt says no way for V3 to be "konged". I figure the most inexpensive way since I have 30MBPS ISP is to hook my modem to a ASUS RT-N12 VD4,(10-45?MBPS) give it a separate IP (198.162.4.1)putting my VPN(ASUSWRT?)on it and wan(hardline) that sucker to my Netgear N900....am I correct? VPN'n every device is a pain, should I post what VPN I am using...is it relevant?
Thanks to anybody who can add some clarity,

 

[svalbaard]

I've read this 3 times and I still can't properly make sense of what you are asking. Perhaps you could rewrite it clearly and without the pointless slang?

If I am kind of understanding it though... although ASUSWRT is a great choice, I have it on my home router; bear in mind that putting the VPN workload onto your router will reduce your overall bandwidth at the client end due to the encryption overhead. This may reduce your 30MBps down to an absolute crawl and will certainly affect your ability to stream stuff of the internet.

For info: I up until recently had an ASUS AC88 router and a 100MBps line. With the VPN enabled on the router I could only ever get around 40 - 50MBPs. The only reason I now get the 80 - 100MBps via the VPN is because I shelled out £250 for the new ASUS AX88 flashed with the Merlin ASUSWRT firmware which offloads a lot of the OpenVPN encryption workload to a dedicated function.

 

[pen101]

As a point of fact, it doesn't matter which one goes first into your modem (use the fastest router first?), I have a router that couldn't be(?) flashed so I just bought a cheap Asus with the ASUS firmware built in, hardwired it to my box and flip back and forth on networks from my laptop. Distance isn't a thing with me so 2.4 works fine.
At the price of the newest dual band gigabyte port "PRE-FLASHED" for VPN, I jumped on that Asus for 30$ CND and have been very happy since.
AND YES if caught in a situation where you wish a vpn but cannot afford the 250-350$ for a pre flashed. Use you best router first that LAN from that and set up your VPN on that router that comes from that, you lose speed so...The Asus I bought does not have gigabyte ports, however Asus claims 10-100MBPS on theirs....useing this style because my home network was already set, two my vpn provider, provided a "kill switch" which was needed because it did not play as well as it should had on windows. The entire point of having a flashed router with your vpn on it is so you have no need to worry or fuss on it. The question mark about the flashing is there because the DD-WRT site seem somewhat behind....take your chances I guess.

 

[failboat]

As a point of fact, it doesn't matter which one goes first into your modem (use the fastest router first?), I have a router that couldn't be(?) flashed so I just bought a cheap Asus with the ASUS firmware built in, hardwired it to my box and flip back and forth on networks from my laptop. Distance isn't a thing with me so 2.4 works fine.
At the price of the newest dual band gigabyte port "PRE-FLASHED" for VPN, I jumped on that Asus for 30$ CND and have been very happy since.
AND YES if caught in a situation where you wish a vpn but cannot afford the 250-350$ for a pre flashed. Use you best router first that LAN from that and set up your VPN on that router that comes from that, you lose speed so...The Asus I bought does not have gigabyte ports, however Asus claims 10-100MBPS on theirs....useing this style because my home network was already set, two my vpn provider, provided a "kill switch" which was needed because it did not play as well as it should had on windows. The entire point of having a flashed router with your vpn on it is so you have no need to worry or fuss on it. The question mark about the flashing is there because the DD-WRT site seem somewhat behind....take your chances I guess.

A small home server can do VPN much better than a 1W cpu router. dedicated vpn hosts handle the "kill switch" much better. With openvpn you can run iptable rules when the tunnel goes up and and when it goes down. So when my host starts it blocks all forwarding, then when the tunnel is up it allows it. openvpn brings the tunnel down when it's not working which triggers the blocking again. systemd starts it every five minutes. I use policy based routing to redirect any traffic I want into the vpn gateway.

 

[pen101]

A small home server can do VPN much better than a 1W cpu router. dedicated vpn hosts handle the "kill switch" much better. With openvpn you can run iptable rules when the tunnel goes up and and when it goes down. So when my host starts it blocks all forwarding, then when the tunnel is up it allows it. openvpn brings the tunnel down when it's not working which triggers the blocking again. systemd starts it every five minutes. I use policy based routing to redirect any traffic I want into the vpn gateway.

Some of us just don't have A) the expertise and B) the MONEY for a dedicated server, I have been finding a lot of 2.4g routers that are inexpensive, therefor if they get "bricked" not much to lose. The Asus version of a dd-wrt software isn't that difficult to navigate(bonus) and I found the kill switch was only a necessity with windows software...but then again my knowledge and experience is limited, I am a almost 60 yo man that the world keeps a changing on, I am sure there are just a few out there like me, looking for simple inexpensive "fixes" and ya a 1 watt cpu falls right in there.....about 5 volt dc! I haven't had any problems what so ever with blocking or down time therefor no need for a kill switch...my guess...it's all what your doing with it...necessity has always been the mother of invention...Thanks for your knowledge, it may not be myself, but someone will probably put that to good use!