Trying to understand the hardware configuration needed for a pretty foolproof VPN solution.
I’m leaning towards a GL A1300 travel router, which I understand that I’d plug into my work laptop. Beyond that, would I just buy an online VPN subscription, configure it in the router, then be good to go?
Current configuration/requirements:
- Home modem is provided by ISP, own my own home wi-fi router.
- Cannot install ANY software on my work laptop.
- Want to avoid location leaks or VPN detection on work laptop.
- Have Windows installed on all computers.
My main questions:
- Would I just need one travel router to plug into my personal laptop, or do I need something extra plugged into my home setup as well?
- Can I connect my laptop to the travel router via wifi, or does it need to be ethernet?
- Can the travel router connect to internet via wifi, or does it need to be ethernet?
- Worried about wifi location leaks, though I don’t understand enough to know if this is an issue.
- Is it possible to create a private VPN to my home setup. Is this an ideal solution?
- Remember, I can’t touch the laptop, so I can’t e.g. create a virtual server on it.
- My concern is that if I use a public cloud VPN service, the administrators of the work laptop will be able to note that the IP is coming from a cloud VPN, even if the location seems fine.
Turn off WiFi and Bluetooth on your laptop. Ethernet laptop to your A1300 router. Then either use the repeater option to connect to the existing WiFi or run a cable to your mail router. A1300 should have VPN enabled, with a residential IP.
Turning off WiFi and Bluetooth will prevent laptop from searching nearby networks and locate you.
I have a wireguard VPN server running on my home router (Ubiquity UDM SE) and connect to it with my Beryl AX (GL-MT3000). I have Wi-Fi and BT turned off on my work laptop and connect to the travel router by Ethernet.
Your understanding is correct. There are two popular scenarios for using the router
- Buy VPN subscription, set it up on the router and you are done. Choose a VPN server and that will be your “public” presence
- Setup a second router in your house and setup the travel router to connect there. Your “public” presence will be your home network
Each one has pros and cons. The first one is simpler to setup (just one device) but the second is more undetectable (that you are using a VPN).
So your questions have different answers regarding which setup you choose. In both cases you don’t need to install anything on your laptop.
Answers
- If you go scenario 1 you need one travel router. If you go scenario 2 you need a second one at the home network
- Doesn’t matter. Prefer ethernet though for stability
- Doesn’t matter. Prefer ethernet when available.
- Turn off bluetooth, wifi and location services on your laptop. Connect with ethernet cable
- That is scenario 2. Yes you can do it. It is more complex. Also your power might go out.
- In both scenarios the laptop is untouched
- Depends on how much expertise they have and how bad they want to catch you. No setup is bulletproof
You might also want to check out the digital nomad guide https://www.reddit.com/r/digitalnomad/comments/nmb9co/your_guide_to_the_digital_nomads_vpn_setup/
I have similar setup but issue is changing IP from the home internet ISP . any solution for that ? my ISP doesnt provide static IP.
I use that exact one.
Just logon to the control panel on the router, join it to whatever Wi-Fi, and connect up to any VPN provider, so long as they support open VPN etc like PIA
Then join your devices to that router
All good
I don’t know how you will be able to avoid the VPN detection. I mean, if they actually look for the IP from which you are connected from, they will figure out that you are using a public VPN service.
Apart from that, the rest of the requirements can be met with a travel router.
A1300 should have VPN enabled, with a residential IP.
Does this mean it comes with its own VPN? I thought I still had to purchase an online VPN solution, and that the A1300 just has the ability to configure the 3rd party VPN directly in its onboard software.
And doesn’t the visible IP (that is, the one visible by any external parties I connect to online) come from the VPN endpoint - aka where it leaves the online VPN’s data center? I thought the personal IP (whether directly from the laptop or from the travel router) is masked by the VPN.
My understandings are probably incorrect!
Does this setup only work while you’re at home?
How do your Beryl and Ubiquity connect while you’re traveling?
This is a better guide: Digital Nomad VPN Setup | Tech Relay
I’ve also written some instructions in the digital nomad subreddit before as well.
You don’t need a second home router if your existing home router can function as a vpn server.
Are you using a wireguard vpn?
I’d try turning on the Dynamic DNS option. It’s most about connecting to the router, but it does map the rotating public IPs to a static address, so may also solve whatever problem you’re having?
Thanks, actually really useful!
Thanks , very helpful . but how to deal with changing IP’s ? my ISP is not providing static IP so each time router restarts public IP of my home will be different … will the vpn continue to function as is ?
You can buy a residential IP (ex: https://torguard.net/dedicated-ip-vpn.php) or use your home router as a vpn server.
That’s what I heard from other digital nomads who are trying to hide their location. My assumption is that if an AirTag can determine its location, then when another device can find a Bluetooth signal, it can transmit the location, even if it’s not an AirTag or similar. Better safe than sorry.
Beryl (and other Ginet routers) has native support for working as a wireguard (or openVPN) client.
My Ubiquity home router functions as a wireguard server with a VPN VLAN. My Beryl connects to whatever internet source it wants to from outside my home network (hotel wifi, phone hotspot, etc). The Beryl functions as a wireguard client and connects to the Ubiquity’s wireguard server. From the perspective of a client device (my work laptop) connected to the Beryl, it believes it’s connecting from my home network’s VPN VLAN
.
Buy vpn with dedicated IP addon