Need Router purchase recommendation

[Tech Junky]

@Shanks23

Based on this thread I would rec to build your own device if you want better control of your data. All you need is a SFF PC and linux. Under $200 is better than the reliance on off the shelf leaks. Put it between the ISP / LAN and you're well protected if you set the FW rules and NAT correctly. Then also you can use any VPN you think provides better protection instead of the limited options router providers choose. For the VPN you need something that autoconnects on boot which IME Nord is the best option. You can inherently make your box less secure and let it auto login though to the desktop to launch the VPN upon boot but, do you want to physically secure the box?

Also, if you want more stealth go 5G / WWAN and use a sim instead. Not only are you behind the provider IPv6 but, every reboot of the modem gives you a different IPv4 mapping like a VPN would do on a reconnect. So, in your case your "WAN" from the provider could be 192.0.0.1 that maps externally to 172.56.x.x and then if you add a VPN to the mix you have a different exit point for your specific apps.

For the best speeds a 5G modem might run ~$200 w/ mmwave or ~$150 w/o. Then a USB kit to make it work might be another $50 w/ the cables / antennas / board. Then if you're in the US grab a phone sim through circledin.com for less than a FWA would cost and no reduced speeds for ~$30/mo or less if you don't opt for tether data.

 

[sfx2000]

What do you need this "VPN router" for in first place? Privacy and security you won't get. What else?

Just want to add here - if one is very concerned about privacy/security - the right place to have a VPN client app is on the end-point, not on the router...

I will always have concerns for a router being a VPN client - it makes for bad habits, esp when one goes off WLAN with laptop/tablet/mobile

VPN for a Router is best as the server side - e.g. inbound from the internet into one's LAN - because of that, one has to have the VPN client installed on the external endpoint.

IMHO - the VPN providers have done a very good job at marketing for what is basically something not needed any longer except for geo-unlocking content...

But they do a good job I suppose at scaring people - their message is like annual socks, be scared of the tip, otherwise you might be frakked...

 

[Shanks23]

@Shanks23

Based on this thread I would rec to build your own device if you want better control of your data. All you need is a SFF PC and linux. Under $200 is better than the reliance on off the shelf leaks. Put it between the ISP / LAN and you're well protected if you set the FW rules and NAT correctly. Then also you can use any VPN you think provides better protection instead of the limited options router providers choose. For the VPN you need something that autoconnects on boot which IME Nord is the best option. You can inherently make your box less secure and let it auto login though to the desktop to launch the VPN upon boot but, do you want to physically secure the box?

Also, if you want more stealth go 5G / WWAN and use a sim instead. Not only are you behind the provider IPv6 but, every reboot of the modem gives you a different IPv4 mapping like a VPN would do on a reconnect. So, in your case your "WAN" from the provider could be 192.0.0.1 that maps externally to 172.56.x.x and then if you add a VPN to the mix you have a different exit point for your specific apps.

For the best speeds a 5G modem might run ~$200 w/ mmwave or ~$150 w/o. Then a USB kit to make it work might be another $50 w/ the cables / antennas / board. Then if you're in the US grab a phone sim through circledin.com for less than a FWA would cost and no reduced speeds for ~$30/mo or less if you don't opt for tether data.

I chose the routers from Protectli, I will install OpenWRT there. But thank you for the info

Just want to add here - if one is very concerned about privacy/security - the right place to have a VPN client app is on the end-point, not on the router...

I will always have concerns for a router being a VPN client - it makes for bad habits, esp when one goes off WLAN with laptop/tablet/mobile

VPN for a Router is best as the server side - e.g. inbound from the internet into one's LAN - because of that, one has to have the VPN client installed on the external endpoint.

IMHO - the VPN providers have done a very good job at marketing for what is basically something not needed any longer except for geo-unlocking content...

But they do a good job I suppose at scaring people - their message is like annual socks, be scared of the tip, otherwise you might be frakked...

That's exactly what I planned to do, deactivate the VPN router's WLAN and only use LAN, and install another VPN on the device (from another provider).