I see more and more info, questions and tutorials about setting VPN client on a router. This seem to be quite a popular topic now. I know that people are concern about their security and privacy. But Ive been setting OVPN servers couple times and using a tunel always came with really big performance/speed loss. Thats why we use OVPN client software separately on each computer, and turn it on when needed. But for anything else from direct connection between offices we use normal unencrypted traffic.
So setting router as OVPN client and throwing entire network traffic through the tunnel for me is insane! Especially when we talking about home use and the fact that router CPUs mostly dont support AES-NI or any other hardware encryption.
I feel that either i dont fully understand this solution (im not an VPN expert) or maybe performance hit is not painfull at all and there something wrong with the way im doing OVPN setup, or maybe it is something about upload speeds of our ISP (5Gbit). Idont know. Because ive seen that some people get really good speeds even on 50$ Ubiquiti ER-X or Mikrotik RB750Gr3 devices.
Interesting… I have an openVPN client on multiple devices and my Internet connection appears to be slightly faster. I always figured it was due to some kind of compression being used. That being said, my connection only offers about 12MBit, so it isn’t very fast.
Apparently more and more routers support AES, for example routers relying on an ARM CPU like the ones used by pfSense [1][2]. Therefore this seems to be a dissolving issue.
As to why people want to run a vpn client on their router is possibly in order to ensure that everything runs through said vpn, without going through the hassle of installing a vpn client on various devices (desktop, notebook, smartphone, tablet). At least that’s the reason that comes into my mind. Besides, if you’re using pfSense you can also set which device’s network connection is tunneled, and which isn’t.
It has been my experience using OpenVPN does slow any traffic I run through it, but I am willing to take the performance hit in exchange for the privacy a tunnel connection provides for some of my traffic needs. I think if I had a dedicated remote OpenVPN server instead of a virtual privet server running my OpenVPN server my traffic I run though it would be faster.
I run a VPN client on my router. Why not? If you’re serious about protecting your network activity it’s a hell of a lot easier to stick the client on the router than to have a client for every device on your network.
Not to mention that some VPN services limit the number of devices you can connect with simultaneously…but the router counts as one device.
Are there performance costs using a VPN? Of course. I would love to live in a country where my ISP wasn’t free to spy on all my traffic and sell any information they collect to anyone who might care so I didn’t have to bother with this. But that’s the state of things in the US right now…