VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    857
From your home network, access a service like Whatismyip and get your current IP address. Connect via your VPN and repeat... it should be the same.

I followed the steps in this guide.

I don't have any connected devices like an IP camera, on the network.

Randy : OpenVPN on a Asus router

* I setup the DDNS.
* I set up the VPN Server.
* I downloaded OpenVPN Connect to my Android phone, and connected.

I didn't do any settings for VPN Client, there weren't any steps on that guide. Do I need to?

I went to whatismyip on my desktop, and on my phone, after connecting to the VPN. The public IPv4 was the same, but the local IP was different.

Does that mean I'm connected properly, or not?

If I log into my router, and go to the VPN Server section, and look at the user name, it says "Connected" in green.

I tried going to the DDNS URL from both my phone, and my desktop, but it says the site can't be reached. I set up the DDNS several hours ago.

What else can I do to validate that the VPN is working?

Is there something I can do on a connected device through the VPN, like my Tivo, that I wouldn't be able to do if I was only on my regular Wi Fi?

I also tried downloading the PC client here:

OpenVPN - Open Source VPN

But when I try logging in, it doesn't accept the credentials. Is that because I need a Private Tunnel account?

Can I still connect to the VPN from my desktop?



Also, please confirm if my understanding is correct. Once I have a connected IP camera, if I'm just connected to my network via hardwire or Wi Fi, then I shouldn't be able to access my camera streams.

But if I then connect through the VPN, then I will be able to access my camera streams?


And again, asking for my understanding's sake. Let's say I'm connected to the internet via an outside network. I then download a VPN client and connect to the VPN. I'll now be using bandwidth through the router where I configured my VPN, and not through that outside network?
 
What else can I do to validate that the VPN is working?
You should be able to log into your router as if you were home. Then, in the menu area where connected devices are listed, you should be able to see your mobile device. Then try to access your TiVo in the same way as you would at home.
I didn't do any settings for VPN Client, there weren't any steps on that guide. Do I need to?
Yes. Every device must have credentials installed to access the VPN. Think of it like a very complex password.
Let's say I'm connected to the internet via an outside network. I then download a VPN client and connect to the VPN. I'll now be using bandwidth through the router where I configured my VPN, and not through that outside network?
You will be using bandwidth on both networks.

Cheers, Steve
 
You should be able to log into your router as if you were home. Then, in the menu area where connected devices are listed, you should be able to see your mobile device. Then try to access your TiVo in the same way as you would at home.

Yes. Every device must have credentials installed to access the VPN. Think of it like a very complex password.

You will be using bandwidth on both networks.

Cheers, Steve

Ok, I added a VPN connection profile. It is a Windows client.

I already had the OpenVPN server credentials configured.

I configured a profile for OpenVPN Client.

I uploaded the *.ovpn file.

How can I access my Tivo or Ooma differently via the VPN, then I would via Wi-Fi or hardwire?

Basically, I want some way to test that I can do something different on my VPN, then on Wi Fi or hardwire.

But can I test this when I'm already at home, on my home network?
 
Last edited:
Ok, I was at the grocery store and I connected to their Wi-Fi. I was able to connect to my router when I was connected to the VPN, and I wasn't when I disconnected.

So that validates that.

However, I was unable to connect to my DDNS from the web browser, even after logging into my VPN. Why is that? I just used the URL as is, with no slashes or anything after it.

Also, after connecting to the VPN, if I browse the internet, am I only using bandwidth from my home router? I ask because Tivo Online only lets one watch recorded shows if one is on the home network.

(Tivo Online is down right now, so I couldn't test this at the grocery store.)

Is there some configuration I have to do to browse the internet from my home router, after logging into the VPN?
 
Ok, I was at the grocery store and I connected to their Wi-Fi. I was able to connect to my router when I was connected to the VPN, and I wasn't when I disconnected.

So that validates that.

However, I was unable to connect to my DDNS from the web browser, even after logging into my VPN. Why is that? I just used the URL as is, with no slashes or anything after it.

Also, after connecting to the VPN, if I browse the internet, am I only using bandwidth from my home router? I ask because Tivo Online only lets one watch recorded shows if one is on the home network.

(Tivo Online is down right now, so I couldn't test this at the grocery store.)

Is there some configuration I have to do to browse the internet from my home router, after logging into the VPN?
When using vpn, you dont need the DDNS address, you use the local ip.
You are using both your cell and home data
you should be able to browse the net no problem when connected to the vpn
 
When using vpn, you dont need the DDNS address, you use the local ip.
You are using both your cell and home data
you should be able to browse the net no problem when connected to the vpn

Thanks.

Why couldn't I connect via the DDNS address when I wasn't on the VPN?
 
Because you don't have any ports forwarded on your router, as it should be.
There is nothing to connect to unless you have a VPN running


Thank you. Ok, so I need a connected device on the network with port forwarding, in order to use the DDNS, once I connect to the VPN.

Until then, then the router is the only thing I can connect to, on the VPN.

And because I have the VPN set up, then I won't be able to use the DDNS, even if I have a connected device with port forwarding, if I'm not connected to the VPN. Thus, this is the point of the security the VPN provides.

Correct?
 
I'm not sure what you need. Is your system working or not working... or are you just trying to understand the data flow? Regarding the latter, I offer the following as a basic sequence (though stand to be corrected by more edumacated folk).

smartphone -> VPN client app -> private, encrypted internet tunnel -> DDNS -> your home IP address -> your router -> VPN server -> your home network -> your connected devices

The DDNS system is essentially a register which keeps track of your changing home IP address, and provides it with an unchanging contact detail. Without it your VPN client will not find your house...

Cheers, Steve
 
I'm not sure what you need. Is your system working or not working... or are you just trying to understand the data flow? Regarding the latter, I offer the following as a basic sequence (though stand to be corrected by more edumacated folk).

smartphone -> VPN client app -> private, encrypted internet tunnel -> DDNS -> your home IP address -> your router -> VPN server -> your home network -> your connected devices

The DDNS system is essentially a register which keeps track of your changing home IP address, and provides it with an unchanging contact detail. Without it your VPN client will not find your house...

Cheers, Steve

Sounds right to me
One other thing is you can't connect to the DDNS address, I got some weird stuff when I tried. But there is no reason to, as barboots showed, DDNS just helps to route from your phone to your home network.
 
Until then, then the router is the only thing I can connect to, on the VPN.

When I first set up OpenVPN Server on my router I could only see my router.
I had to add a route to my NVR's network segment to be able to see my NVR and cameras.
 
I'm not sure what you need. Is your system working or not working... or are you just trying to understand the data flow? Regarding the latter, I offer the following as a basic sequence (though stand to be corrected by more edumacated folk).

smartphone -> VPN client app -> private, encrypted internet tunnel -> DDNS -> your home IP address -> your router -> VPN server -> your home network -> your connected devices

The DDNS system is essentially a register which keeps track of your changing home IP address, and provides it with an unchanging contact detail. Without it your VPN client will not find your house...

Cheers, Steve

Yes, I was just trying to make sure I understood the data flow. Because I don't have my cameras installed yet, I don't have connected devices. But I wanted to make sure I had correct setup, and understood the setup too.

The devices I have on my network are an Ooma and a Tivo, but I don't think there's anything I can do with them remotely, from a VPN.

So once I have my cameras installed, after I'm connected to the VPN, I can use the DDNS URL with the port for my cameras, to view them. Correct?

Until then, the router is the only device I can access on the VPN.
 
Sounds right to me
One other thing is you can't connect to the DDNS address, I got some weird stuff when I tried. But there is no reason to, as barboots showed, DDNS just helps to route from your phone to your home network.

I asked this in the post I just submitted, but after I have my cameras installed, and I've enabled port forwarding, do I use the DDNS URL with the port for either a camera, or the NVR, to view them? Do I manually use the DDNS URL for anything?

Or, as you said, does it just help the VPN client find my home network?
 
I asked this in the post I just submitted, but after I have my cameras installed, and I've enabled port forwarding, do I use the DDNS URL with the port for either a camera, or the NVR, to view them? Do I manually use the DDNS URL for anything?

Or, as you said, does it just help the VPN client find my home network?
DONT ENABLE PORT FORWARDING!!!!!!!!!!!
 
I asked this in the post I just submitted, but after I have my cameras installed, and I've enabled port forwarding, do I use the DDNS URL with the port for either a camera, or the NVR, to view them? Do I manually use the DDNS URL for anything?

Or, as you said, does it just help the VPN client find my home network?
You don't use the DDNS URL for anything. The router uses it when it sets up openvpn, so you need it, but you never use that URL for anything.

And with openvpn you don't port forward, that's the point of openvpn.
 
DONT ENABLE PORT FORWARDING!!!!!!!!!!!
There is a "port forward" of sorts in some VPN set ups... Gargoyle for example. I was concerned by the terminology, however it is about routing through to the internal VPN server... not dropping your pants in general.

Cheers, Steve
9d98a4722c96a5c06ea2f8823e5d79f5.jpg
 
I in the process of buying a new house and will be redoing my camera system and home network.

I have a LaView NVR that I used to view remotely via port forwarding. Obviously, this isn't a good solution. My question comes into how to set up the entire network.
I have a fairly new Linksys EA8300 which unfortunately doesn't have VPN capabilities nor is there any third party software that I can find. I'd prefer to keep this router as its less then a year old but can change out for another if required.

My confusion mainly focuses on the fact that I also run a FreeNas box. I have it setup within the household for remote storage but its main task is to run Plex. I have several family members who have remote access and view the library. My understanding is if I put VPN software on my router then you'd have to login to access. This I don't believe would be feasible as they all use Roku boxes to view. Would I be able to port forward through the VPN to the outside world for the Plex ports?

Another bit of confusion is how remote viewing works. I'm assuming you'd have a VPN client on your cell phone, login, and then open TinyCam or whatever viewing software? I'd then be getting the streams as if I was on the home network correct?