Hey! We're in the process of getting fiber installed at my house, so I have started thinking about how I'm going to set up my network, and could use a little help.
Right now I have an ADSL connection, with a modem in bridged mode connected to an Asus RT-AC68U with Asuswrt-Merlin firmware. I have a couple of Unifi products (3 APs, one switch, and one cloud key controller).
I'm thinking of replacing my router with the Unifi USG Pro to have everything controlled by the nice Unifi software, but the lack of OpenVPN support and (from what I've read) poor VPN throughput speeds have made me question getting one.
So, I'm thinking of buying/building a small VPN box with dual NICs, running pfSense or something, and using it just for the VPN connection and the router for everything else.
One problem I can think of right away is that I use the Asus router as both an OpenVPN client (to protect everything behind it) as well as an OpenVPN server (so I can access my home network from work and my phone, so I can show pictures from the NAS to friends, SSH into my servers, etc).
If I built this VPN box, would there be any trouble connecting to the Unifi router if I set it up as a VPN server?
Right now I don't have a static IP, but my VPN service lets me open ports for services through the VPN tunnel, and then I use DynDNS to get the IP and use my port to connect to the Asus router. Works great!
But if I have a VPN box between the router and the internet, could I still connect to the router?
I'm thinking ideally it should be “invisible”, I just get the IP from my VPN provider, and it lets everything through to be handled by the USG Pro router's firewall.
Would pfSense be a good software for this?
Basically, all I need is a capable CPU with AES-NI compatibility to get my VPN tunnel to gigabit speeds, and nothing more. The USG Pro will probably not do this, but I still want it due to the nice software, so I just want to move the VPN client to another computer.
Thoughts?