General Category > Ideas/Feature requests
VPN on a specific network
adx:
I'm no expert on VPN or networking, so I hope my question/request makes sense.
I was wondering if the Almond+ can support a feature where a VPN connection
can be established (and shared) on a specific network (e.g. 2.4Ghz network) while
keeping the other network (e.g. 5Ghz) on a "normal" connection.
I currently use a DDWRT router and whenever I use VPN, I experience a great reduction
in speed. This is ok for my own purposes, but since I share the internet connection
with others, they also take a performance hit (on their "normal" internet use)
until I disabled VPN.
So if Almond+ can somehow "isolate" the VPN connection on one network (2.4ghz),
then the other users in my network can just connect on the non-VPN network (5ghz)
and enjoy the "full" internet speed.
pete:
Yup
One of the other issues relating to IPSec VPN and sometimes SSL VPN is the throughput and size of the pipe. Its kind of an "all you can eat" type of connection.
This is where sometimes an SSL VPN is chosen over an IPSec VPN methodology.
IE: you can set QOS rules as it leaves the source but cannot see inside of the pipe to dynamically change it while active.
Another issue that crops up is split tunneling; say you want to print from the VPN tunnel network to a local printer not on the same subnet and not in the VPN tunnel. Strict adherence dings the flexibilty; the chicken and the egg thing; a sort of circumvention of what the purpose of the VPN is for.
Please correct me if I am misunderstanding
Patrick Wilson:
--- Quote from: adx on August 15, 2013, 03:14:06 pm ---I'm no expert on VPN or networking, so I hope my question/request makes sense.
I was wondering if the Almond+ can support a feature where a VPN connection
can be established (and shared) on a specific network (e.g. 2.4Ghz network) while
keeping the other network (e.g. 5Ghz) on a "normal" connection.
I currently use a DDWRT router and whenever I use VPN, I experience a great reduction
in speed. This is ok for my own purposes, but since I share the internet connection
with others, they also take a performance hit (on their "normal" internet use)
until I disabled VPN.
So if Almond+ can somehow "isolate" the VPN connection on one network (2.4ghz),
then the other users in my network can just connect on the non-VPN network (5ghz)
and enjoy the "full" internet speed.
--- End quote ---
I'm afraid I'm completely lost by your message. I've only ever used VPN's to connect from my Router to remote VPN Servers on the Internet, (ie bridging networks via VPN), or for remote access from my Laptop to my network via VPN.
I don't quite understand using VPN technology over a Wi-Fi connection internally within a network. Perhaps I'm missing something.
adx:
Hi Pete,
Sorry, I'm not sure if I fully understand your explanation.
But if my guess is right, you're saying the all I need to setup is the QOS rules
to achieve what I'm asking for. I'll need to read up on this subject more.
I mainly use the VPN connection at home to access content not available in my country.
I do this via my DDWRT enabled router.
So my needs/use case is pretty simple. If I need to access geo-restricted content,
I turn connect via VPN, and if not I use the "normal" connection. But this would
require me to manually change the WAN connection setup back and forth between the two configurations.
So I was wondering if the 2.4Ghz network can have a "separate" WAN connection setting
from the 5Ghz network. With this setup, I can just setup the 2.4Ghz network as "VPN internet" for geo-restricted
content and then the 5Ghz as "normal internet" for full-speed connection.
I'm not sure if this makes sense, so forgive my ignorance if my statements sound ridiculous.
If this is indeed not possible, then at least I hope the Almond+ can provide a one-touch button
that would allow me to switch between pre-configured WAN connection settings.
pete:
Weird we were typing at the same time. ;D
I'm best guessing adx; if a VPN tunnel would be utilized in a wireless pipe it might provide some better uptime / throughput based on the assumption that when the VPN tunnel is up regular it dings the performance of the rest of the non VPN users.
You can't though dynamically change the pipe or look inside of it once the tunnel is established. You can provision the size of the pipe before it is up though.
An example would be to go to a public wireless internet hot spot and dividing up the network such that dedicated VPN network would be autonomous from the non VPN network.
Personally I don't think its going to help maintain a better connection because of the radio propagation stuff. This is my guess though.
I see that many folks do a VPN across geographic zones mostly related to local content of stuff (whether that is radio or video broadcasts). I do that sometimes.
You could though just do a split VPN tunnel such that the same client can access the data locally and via the VPN tunnel. Taking it to wireless you it would be a bit of pita and would be work with separate networks or interfaces. You can QOS wireless but you can't QOS it if its in a VPN tunnel because you don't know what is inside of the tunnel to QOS.
IE:
I am in the US and I want to hear and watch BBC's IPlayer local radio / video stuff. I cannot from Chicago. My options are to create a point to point tunnel from here to the UK. Then take this tunnel to one radio interface on the wireless dedicated it to the 2.4Ghz radio while still proving regular internet on the 5Ghz radio with the assumption that the VPN tunnel will always take precedence over the non VPN tunnel eh? Not sure if this the correct understanding? I do multiple WAN interfaces on my firewall and moving toward load balancing the internet connections. You can this with separate WAN interfaces.
Navigation
[0] Message Index
[#] Next page
Go to full version