Surfshark support both wireguard and oepnvpn clients, if you configure a router correctly that supports these, yes it is possible. I can't start enough though how bad an idea this is.
I don't get it, why is that bad idea compared with installing on every PC?
As I see it, it's just doing the exact same thing, but inside the router so all downstream PC's get the benefit.
What am I missing?
I do not think you are missing anything. The only disadvantage is that the VPN part is more difficult to get working. I never had a problem getting pfSense or OPNsense to work on random hardware. (1)
I think there is a disadvantage to using a consumer grade router, including the one which comes from your internet service, because they have a terrible record for security and reliability. If you put your pfSense or OPNsense router between your provider's device and your network, and likely access the internet through a VPN, that will protect you from your provider's security lapses.
I always recommend using a pfSense or OPNsense router instead of a consumer piece of junk, whether VPN features are desired or not, unless a router from someone like Ubiquiti or mikrotik used.
(1) Back around, oh, call it 2010, the ice maker in my kitchen leaked and the water dropped into the basement directly onto the Pentium 2 hardware that I had running pfSense. It took me about 20 minutes to pull the ethernet cards and drive and install them into a decommissioned Gateway Pentium 4. It booted on the first try, and all I had to do was assign the ethernet interfaces from the console to get back up and working like before.
Those "millions of people" just connect each PC directly, not via a router.
Doesn't practically everyone have modem -> wifi router -> PC(with VPN software)
Why can't the VPN software be on the router instead?
My router (PCEngines OPNsense, shown below) and wifi (Ubiquity UniFi) are separate devices, but it works out to the same thing. Combination wifi-routers tend to be limiting and buggy; I have not used one since before 2000 when I installed the predecessor to pfSense, m0n0wall, on a Packard Bell 90 MHz Pentium with 128 MB of RAM.
The VPN software, or more properly the VPN endpoint, *can* be on the router, and do exactly what you intend and more, but at least in my experience, the VPN part is difficult to get working unless you have specific instructions for setting it up. The easiest option is to buy a small hardware router which is preconfigured for the VPN service that you want to use.
Another thing to note... Contrary to what providers say, pretty much everything you do today is encrypted with "military grade encryption". With a decent gateway you can enforce encrypted DNS too, making your activity on the Internet completely illegegable to an attacker. VPN services are overrated.
How else do you make your PC appear to be in another country without a VPN server in that country?
Well, that is exactly the point. Most things you do on the internet now are encrypted by the selection of protocol, like HTTPS or encrypted DNS, but that still allows traffic to be traced back to you through your IP address. A VPN service effectively conceals your IP address, and usually traffic patterns, by using a remote IP address as an exit and entry for multiple users through NAT and lack of logging where it is not required.
I am still terminating my VPN connections on my individual systems, but I would prefer to have my router be the VPN endpoint. I know my router running OPNsense can do it; I just have not put enough effort into getting it to work. PFSense would be easier because of better documentation for specific services, but I prefer OPNsense since pfSense went commercial; I am not entirely happy with NetGate.
Home
Help
Search
Login
Register
