I have been reading about how to connect from outside the US and make it look like I am in the US and a lot of people are using the beryl product to accomplish this. I currently have a few questions and looking for some help.
I see that majority of people are using 2 beryl (1 for server, 1 for client)
-When setting up the VPN server, do I need to connect it to a service such as Mulvad VPN, Nord? Or can I create my “own” VPN connection ?
Can I use 2 brumes 2 instead of 2 beryl?
Or, can I use 1 brume 2 and 1 beryl?
If I were to use a beryl to travel, can I connect a switch so that I can connect more computer via ethernet?
Also, reading on how to setup the wireguard server, it states that if I am connection the brume or beryl to a router, I need to do a port forwarding. This is my current port forwarding option in my belkin rt3200, and would like to know to which port I need to “forward”
You can spend money and buy a vpn server as a service (mulvad, nord, etc), it usually provides more exit points in different countries.
Or do not spend money and set up your home VPN server on a Gl device (or directly on your Belkin router, if it supports VPN settings) and have one exit point with the location where this server will be located. In your case, this is your home.
Yes, Brume2 can be configured as both a VPN client and a VPN server
Yes, sir, you can
Yes, an ethernet switch will allow you to connect more devices to Gl routers.
I would add three things. First, if you are geolocating to the US for streaming services like Netflix, there is a bit of a war between the streaming services and the VPN providers as the streaming services try to keep kosher with their licensing. The streaming services block VPN endpoints if they can, and they often can. So running a home VPN works better.
Second, for a home VPN, pay close attention to your upload speed. For cable, this is usually much lower than the download speed, but the speed at which you upload from home is the speed at which you download abroad.
Third, for a home VPN, you can usually control which ports you’ll use, either in the forwarding or for the server. Many routers have relatively low security VPN servers (username/password rather than certificates), and this is a weakpoint. Moving openvpn off its default port of 1194 and WG off its default port is usually a good idea. (OT: why does wg have a default port in the dynamic range?)
I would not agree with this. It depends on when someone purchased their home VPN server and client. There are many people using GL-AR300M and GL-MT300M-V2 as home VPN servers for both Wireguard and OpenVPN. If your home Internet uplink speed is 40Mb/sec or slower, then there is no need to use a Beryl or above as the AR300M and other older GL iNet routers will handle that rate with Wireguard.
I have been using a AR300M for a long time at a family member’s house, as their uplink rate is only 35Mb/sec. I have modified it to work as an OpenVPN, SoftEther and Wiregurard VPN server using multiple ports, as with multiple protocols and multiple ports, it is harder to block it. One advantage of the AR300M is it has a lot more flash memory, allowing me to load more stuff than I could on a Beryl.
My remote router is an GL-AR750S-EXT. I been on constant travel, most of it outside the US, for well over a year using this setup.
The idea of this setup at this time is just for work, email zooms, etc… Streaming services are something I would consider in the future. Connection at home server will be 1gbps down/upload (fiber) and something similar at the other location as well.
I have some dedicated hosts that are work-related, so a bit more horsepower than is really required. There is a site called LowEndBox that aggregates specials from various providers. Most of them are relatively small providers, so the experience can vary a lot. One provider I found there has been fantastic over the 5 years I’ve used them, but another I picked up in November has already experienced three pretty significant outages.
I got both Slate, created 1 as a server, got the other one as a client (uploaded the file I got from the server one) and did a connection and it looks like its working, I need to test it from a different location now to check.
A few questions:
Are any of the below options needed to be on to be as private as possible and not to leak anything?
When I connect the Slate in a hotel or any place, will it connect to the vpn automatically? Before I connect my computer? What I am trying to ask is… Do I need to do anything before I connect my computer to show I am at home?
It depends. Where you have to clear a captive portal, the VPN function usually gets in the way. You have to connect to the slate, turn the VPN off, clear the captive portal, then turn the VPN function on. Obviously, if you are using the router in repeater mode, you have to connect to the slate, enter the SSID/password to make the connection first. If you leave the VPN function on, it should then connect. If you are making wired connections, usually it will set up the tunnel on its own, but that is a rarer use case.