mirage22
Regular Contributor
Hi,
I pay about USD 60 for VPN access through a VPN service provider every year.
I am wondering if I can build a vpn service just for me and my family.
The vps instance need not be huge but definitely do not want an SSD VPS like most vps's today. So that i can bring down my costs.
Reasons for building my own vpn for personal use.
1) Geo-ip location change. Plus I do not want people using the service to spam and eventually the IP is branded as evil across the internet.
2) Don't want to use the IP which is branded as coming from a VPN exit node.
2) connect more than 3 or 5 clients. I have phones that don't just connect from home, laptops, and I want all my family members to use it without hassle - family would include folks in other homes.
3) Single IP at the frontend. So I can keep all kids under the OpenDNS HOME monitor to ensure that they surf safely. And so do other family members
.
4) I really don't know who is at the other end managing my VPN service.
5) while we want a lot of bandwidth, we won't be using it for torrenting. so having a dedicated ip will not be a problem for us.
So here are the questions
1) Suggested vps servers. Cheap, good bandwidth (kids will be watching a lot of video) and good pipe, say 100mbps. About the same price range of USD 50-60 annually. Always up. Based in USA east coast.
2) want to configure OVPN and IKEv2 both on this VPS.
3) Can multiple clients use the same connection from different locations? Office, home 1, home 2 etc
4) Will the IP address in such a configuration be the IP address assigned by the Server provider?
5) Technical setup help for OVPN server on such an instance and for IKEv2. I saw a setup solution by digitalocean on the internet. Minimum system requirements.
6) Firewall rules to protect everybody behind the ovpn / ikev2 connection. especially on open ports like 443.
7) Can i beef up the security options like choosing AES-512-CBC for data transmission, 4096 cipher strength at handshake, SHA2 512 perhaps. obfsproxy (but not tor) or probably one of the algorithms not designed by the N. SA. and how about elliptical curve cryptography along wih TLS?
8) suggested clients to use to connect the laptops etc. i guess ovpn client should be good. for phones etc we will use IKEv2. We could also configure the ovpn client on the routers for ease of use at home.
I pay about USD 60 for VPN access through a VPN service provider every year.
I am wondering if I can build a vpn service just for me and my family.
The vps instance need not be huge but definitely do not want an SSD VPS like most vps's today. So that i can bring down my costs.
Reasons for building my own vpn for personal use.
1) Geo-ip location change. Plus I do not want people using the service to spam and eventually the IP is branded as evil across the internet.
2) Don't want to use the IP which is branded as coming from a VPN exit node.
2) connect more than 3 or 5 clients. I have phones that don't just connect from home, laptops, and I want all my family members to use it without hassle - family would include folks in other homes.
3) Single IP at the frontend. So I can keep all kids under the OpenDNS HOME monitor to ensure that they surf safely. And so do other family members
.4) I really don't know who is at the other end managing my VPN service.
5) while we want a lot of bandwidth, we won't be using it for torrenting. so having a dedicated ip will not be a problem for us.
So here are the questions
1) Suggested vps servers. Cheap, good bandwidth (kids will be watching a lot of video) and good pipe, say 100mbps. About the same price range of USD 50-60 annually. Always up. Based in USA east coast.
2) want to configure OVPN and IKEv2 both on this VPS.
3) Can multiple clients use the same connection from different locations? Office, home 1, home 2 etc
4) Will the IP address in such a configuration be the IP address assigned by the Server provider?
5) Technical setup help for OVPN server on such an instance and for IKEv2. I saw a setup solution by digitalocean on the internet. Minimum system requirements.
6) Firewall rules to protect everybody behind the ovpn / ikev2 connection. especially on open ports like 443.
7) Can i beef up the security options like choosing AES-512-CBC for data transmission, 4096 cipher strength at handshake, SHA2 512 perhaps. obfsproxy (but not tor) or probably one of the algorithms not designed by the N. SA
. and how about elliptical curve cryptography along wih TLS?8) suggested clients to use to connect the laptops etc. i guess ovpn client should be good. for phones etc we will use IKEv2. We could also configure the ovpn client on the routers for ease of use at home.
Last edited:
