Am I truly hiding from ISP?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

T.S.Fellow

Occasional Visitor
I have a two router setup, an rtac88u setup as the main router/VPN server. I have a lyra mesh setup as a vpn client of the main router. Then the ISP rented modem.

All devices in the home go through the vpn server, but there are a couple issues.

1. The Lyra always says "IP/routing conflict" when connected as VPN client, however it shows packets going back and forth and shows as connected under a tunnel. So it appears all is good and the routing conflict was ignored.

2. Whenever attempting to use a proxy, the ISP ip still returns using "what's my ip". When I write a config with a proxy, and connect a device, it shows a public IP of the proxy, but when I check the IP on sites like what's my ip, it is not returning the proxy ip, rather it is showing the ISP public IP. If I go to a web browser with a proxy, then the proxy works, or TOR the proxy returns the proxy IP, but through my VPN no proxy IP is ever present.

My question then is, am I even hiding anything from my ISP? Does their rented modem just see all my requests as the last end point before sending and receiving packets? I use smart DNS as well and no DNS leaks. That will return the correct DNS routing. I'm just concerned that I am not really doing anything having all this setup and then the ISP modem just sees the activity. Any help is greatly appreciated.
 

T.S.Fellow

Occasional Visitor
Where ever your VPN terminates they know what you are doing.

So below is a diagram of my setup. Everything runs VPN 24/7.

Lyra Mesh----------->RTAC88U---------->ISP Modem------------->Internet
(VPN Client) (My VPN Server) (Public IP)

So as long as the Lyra is on VPN, and any additional devices are on VPN that go directly through the VPN server I am good and hidden from the ISP seeing my activity?

Also, in this diagram, attempting to understand why a proxy will never show anything other than my ISP public IP. I can run TOR, or proxy a query through a search engine and the proxy will show on "what'smyip" as the proxy IP. However, when I run a config with proxy, all the VPN apps show that I am utilizing the public IP of a proxy, but going to "what'smyip" always still just shows my ISP public IP. So it appears I am never truly proxied. Any suggestions there? Thanks

Device-------------------------------------------------->RTAC88U---------->ISP Modem------------------------------------------->Internet
(Running Proxy Config) (My VPN Server) (Public IP doesn't change)
(Open vpn app shows public IP of proxy) (traffic shows that ISP IP is still public IP)
 

T.S.Fellow

Occasional Visitor
pretty much - we knew what was going on inside our network, speaking from telco experience...

So even with some of these protections that Asus offers, such as utilizing a home router as a VPN server for all my home traffic, I am still likely on the radar of my ISP? Trying to do my first version of a safe full home VPN buildout for friends and family.

For friends and family they are already on VPN and proxied as they are using my VPN server IP, but I would also like to proxy my traffic as today the setup is under a tunnel, but still represented by my ISP's public IP as the last hop is the rented modem from the ISP.

Wondering if I should get a modem and get the ISP completely out of the loop.
 

coxhaus

Part of the Furniture
As long as you control the network then you are protected with VPN. As soon as you hit the internet you are open.
 

T.S.Fellow

Occasional Visitor
As long as you control the network then you are protected with VPN. As soon as you hit the internet you are open.

So then is there a point to running a VPN server in my home if the intent is to protect internet browsing, streaming media etc? And if so, what is a better answer, run TOR option through Asus router all the time? Use an anonabox or something?

I just want to fully control packets to be encrypted, and to ensure that I can utilize an IP that is not going to give me away. But seems like proxies are an issue with the ISP modem in place. Thanks for the help. Really want to work through this myself.
 

coxhaus

Part of the Furniture
You are secure from company to company or home to company. Once you go off your network then someone else is in control. VPN was desgined to keep point A to point B secure.
 

sfx2000

Part of the Furniture
You are secure from company to company or home to company. Once you go off your network then someone else is in control. VPN was desgined to keep point A to point B secure.

Actually no... the ISP knows you're doing VPN, and they know the tunnel where it starts (your node), and where it ends (the VPN node).

And this is where things do get interesting... think about the Great Firewall of China - they use it to block access - the same technology is there for ISP's to monetize things.
 

coxhaus

Part of the Furniture
Where ever the VPN terminates if off your network they know what web pages you are accessing. The VPN does not follow all the way to all web pages. Your request exits the VPN and does normal routing. So yes.
 

T.S.Fellow

Occasional Visitor
Where ever the VPN terminates if off your network they know what web pages you are accessing. The VPN does not follow all the way to all web pages. Your request exits the VPN and does normal routing. So yes.
What is the answer for staying off their radar? Even though things are encrypted they can verify both end points. Does a proxy take care of hiding from isp? Or spoofing mac addresses of devices?
 

coxhaus

Part of the Furniture
You cannot hide destinations on someone else's' network. You can encrypt your data but destinations can't be hidden.
 

Hadley

New Around Here
Yes, VPN will hide your IP with secured tunnel but I recommend you to choose dedicated IP instead of dynamic or static ip as these IP can be traced with spam records but dedicated IP is fresh and does not possess any such bad history.
 
Similar threads
Thread starter Title Forum Replies Date
J Solved Asus RT-AC86U OpenVPN server behind ISP modem VPN 29

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top