I'm considering a VPN to help protect my internet connection to bypass region locks and other draconian practices which seem to be the norm these days.
I'd like to set up a VPN for my entire LAN network, at minimal cost if possible. At the moment I use an ADSL2+ modem router (A Billion 8800AXL) which doesn't have any VPN client or server support, and no custom firmware support either.
What I would like to do is:
Have one computer running the VPN client. The router would pass the internet connection directly onto this computer.
Share the VPN connection back to the router. The router would then point all other computers to the VPN connection for their internet connection.
Things I don't want to have to do:
have to put in settings on any of the client computers (because that would be a pain in the arse).
Is this even possible? Would it be possible on my router (remember custom firmware is not an option here as I still need to use the ADSL2+ modem in it)? Or should I just pony up and buy Tomato firmware ASUS RT-AC68U, and use my billion as a standalone modem?
BTW, I have a MinnowBoard Max lying around (dual core Bay Trail 1.3 GHz, 2GB RAM), which I could put to use for this.
You CAN do this with a router running DD-WRT. But since you have a little dual core machine, that opens up a new door: pfSense.
I suggest you watch Logan/Wendell/Qain's pfSense HowTo video, and get a basic router setup working (I'd stay off the antivirus and caching part of it until you get more used to it). Once you get to that point, you can use the OpenVPN part of pfSense to set up your VPN connection. If you need help, I can't really help you since I've never done this, but there are several others on the forum who have and I'm sure they'd be happy to chime in.
If you run into any problems setting up pfSense let me know, I'm here to help. Hope it works out for you!
Oh, sorry, forgot to include that you'll potentially need to do something special if you've got an embedded board like the MinnowBoard. If its got a SATA port, you might can install pfSense on a hard drive with that, but other than that I can't really do much more than leave you to Google as I know almost nothing about the MinnowBoards. If that doesn't work out, see if you can't dig up a Pentium 4 or Pentium D computer, pfsense has low sys requirements. If you'd end up having to buy a router to use Tomato or DD-WRT anyway, only makes sense to use a PC instead for more power, especially if you've already got one laying around!
Honestly, some routers already have the feature built into the firmware that allows you to have the router handle all the VPN action so you won't need to set it up on any of the computers.
If your current router does not support that look to see if there is any aftermarket firmware that works on your router that can. All else fails you can put something like PFSense on that system you have and turn it into a router and replace your current router.
If you don't want to buy a router with custom firmware and you have a PC you want to dedicate to this then what you want to do is configure the VPN connection on that computer, configure routing and NAT (this will be specific to whatever OS you're using) and then use that computer as your gateway for the rest of the LAN.
pfSense is a good choice if you want a dedicated machine for this, but you can do it on another OS if you want. I'd reccomand going with pfsense for this but it can be a little tricky to configure. Most VPN providers will have a guide for configuring pfsense to work with their service but if you want I can help you out with it.
At the moment I use an integrated DSL Modem + Router. I looked for custom firmware for it but apparently this is not done as the DSL modems work off a proprietary platform, so it is not supported by any open source firmwares.
The Minnowboard Max does have one SATA port, as well as a SD card, 2x USB, 1x Ethernet, 1x HDMI. So it is a pretty cool device. It is more aimed at robotics/hobbyist (which is why I bought it, just I haven't got around to using it for that yet). 64bit UEFI.
I will do some reading on pfSense and come back here if I cannot figure out how to set it up. Thanks for all the advice!!
If it can boot from an SD card you can likely install pfSense that way, but you'll probably have to do some ceremonial dances or something to get it to install using a serial console :P You could also just use the embedded image, but that limits the filesystem and some packages I think.