2/3 travel through the encrypted tunnel across the public internet to the hosted server outside of my network, which would have a different IP address than my local LAN, right? If I had the client and server BOTH local on my machine, if that is even possible (maybe through a VM), then the encrypted tunnel would be from my computer to my computer via the LAN, and then the data when it leaves my local server would still be identified by my local IP address…
3/3 which means I haven’t really done anything at all (except complicate things). Is this correct? I want to host all my own stuff. I don't want to pay for outside services, like renting a server to run software for me. But it looks like for a VPN to function, at minimum I am going to need my server software running on a server outside of my LAN. Is my understanding correct? Whew... I hope that makes sense...
@KingWm You have to tunnel out to somewhere else for it to make sense to run a VPN. "Running a local VPN" would protect you from other people on your local network seeing requests between the VPN server and the VPN-using PC, just like how it works using a VPN from your network to an outside server. Many people are not concerned about that type of security inside of their local network, but you could be.
@btcFUD I am not concerned about local traffic. I was thinking "host my own" meant I wouldn't need any outside services. After looking into how VPNs work more closely, I can see how that doesn't make sense. Essentially, the traffic takes the IP address assigned to the hosting server. So, you have to have a server in the cloud somewhere... After checking with my webhosting company, I would need a dedicated server to run WireGuard, which is $270 per month!
@KingWm I used to use Stunnel and a self-signed cert to have an encrypted VPN between myself and a machine on my home network. You don't have to buy a single thing. As long as your router will pass encrypted traffic, you're golden.
@TallTim but you were accessing your home network from outside of the network, right?
@KingWm Correct. I established a VPN link using Stunnel to my home machine running the client and port 443 forwarded on my router. Easy-peasy.
@TallTim my problem was, I thought I could host the server at home, AND access the server from my client on the same home network. I don't want to pay for off-site server space, but if I want to use a VPN from home, I will apparently have to have the server situated outside of the home network on the internet. I know that should be obvious, but it took me a bit to put 2 and 2 together...
@KingWm So your aim is to encrypt your local traffic? Just making sure what you're trying to do.
@TallTim @Sosthene Before I set up my BTC and LN nodes, I want to set up the VPN so that I can encrypt the traffic and mask the IP address (privacy & security). If the VPN server is on my side of the network, then its outgoing traffic is still identifiable by my IP address. So, the server must reside outside my network, in the digital ocean, so that I can tunnel out of my local network to the outside world & use an IP address not physically tied to my town. Make sense?
@KingWm @TallTim I think what you need is to run bitcoin and lightning with Tor enabled. If you want to use a VPN, I think you should not use a server that belongs to you, as I think anonymisation with a VPN relies on the same server being used by many people. If you're the only one using the server, an attacker just needs to listen to its clear traffic and the encrypted tunnel becomes just pointless. At least that's how I understand this, but I'm no expert.
@Sosthene @TallTim ROFLMAO! You will see. I have had a plan for a while, taking my time implementing it. It is simple, but I hope it is very useful to other noobs... I may not have it tomorrow, but it is coming...You don't know this, but I am obsessive-compulsive. Each step is painfully agonizing. The first step is the hardware. My refurbished computer just arrived, but I am already thinking about splurging for what I really want https://www.raptorcs.com/content/base/products.html $$$ and giving this refurb to momma.
@TallTim ty for that. I suspect that tool will be useful in the future. Always wondered how peeps did those diagrams...
@KingWm @TallTim The point of a VPN is to create an encrypted local network between machines that are not on the same local network. So yeah, accessing the VPN in your home from your home doesn't make a lot of sense.
I think you need to take a step back and try to explain what you're trying to do; maybe it's not a VPN that you need.