Encrypted VPNs are a popular choice for private network connections, and with good reason. They provide all the benefits of a VPN connection without the risk of eavesdropping or tampering.
As with any other type of VPN, you will need to do a bit of research before purchasing an encrypted appliance, as the market is flooded with fake products. To help you out, we’ve compiled a list of tips on how to setup and use an encrypted VPN on your network.
Use A VPN That Is Suitable For Your Network
One of the first things to consider when setting up an encrypted VPN is what type of equipment you will need to connect. Just like with any other VPN, you will need to have a VPN appliance, a router, and a VPN client. Here is a short list of what each one does and why you might want to choose them.
A VPN appliance is what you will install inside your network, typically in a server room. It is where all your network traffic is routed, and it handles the encryption and authentication of all your network traffic. When choosing a VPN appliance, you will need to decide whether you want it to be headless (no monitor or display) or if you want to be able to monitor and manage it from a remote location (using a web browser etc.) For most home users, the headless variety will be suitable.
A VPN appliance also stores your decryption keys (and optionally your passwords) in a secure space that can only be accessed by the device itself. Unless you want to write down your keystrokes, these are the types of storage devices you will want to choose. Finally, make sure that the device you purchase is tested and has a good reputation.
Your router is the device that will direct your network traffic to the right place, over Wi-Fi or Ethernet. It can also filter traffic based on specified criteria (such as the device or service trying to access the network). Routers are responsible for moving data from one place to another, so it is natural that they would have at least one port dedicated to a VPN connection (most routers now come with several VPN ports).
When setting up a VPN on your router, the first thing you will need to do is make sure that the port you choose is not in use by any other application. This can be a hassle, especially if you are connecting multiple devices (such as laptops and mobile phones) to the same WiFi network. To avoid any conflicts, you will want to dedicate a specific IP address for the VPN alone, while the rest of your IP addresses remain dedicated to other devices on your network (e.g. WiFi, Bluetooth, Game Console, etc.).
A VPN client is what you will use to connect to a VPN server. You will download and install this client software either on a mobile device (most providers offer apps for this) or on a computer. When using a VPN client, you will not need to provide any sort of credentials, as the client will handle all the security checks and connection setup with the VPN server.
A VPN client is also responsible for storing your credentials (such as username and password) along with other important data (such as the remote VPN server URL). This can be a security risk if your device is ever lost or stolen. Backups are also a good idea in case you lose all your data due to hard disk failure or malware infections (e.g. ransomware).
Consider Your Needs
Once you have decided which type of equipment you will use to connect to the VPN, the next step is to consider your needs. For example, if you are looking for a solution for companies or public places where security is a concern (such as coffee shops or airports), choosing an AES-256 bit encryption would be a good choice. If you are connecting multiple devices to a single VPN server (e.g. multiple computers, tablets, and mobile phones), you would want to look into a VPN that supports PPTP or L2TP over IPSec, as these are the most common protocols used for VPN connections today. Finally, if you are trying to connect to the Internet via a VPN, choose a protocol that allows for online connections through your VPN (e.g. IKEv2).
Choose A Strong Password
One of the biggest security concerns when setting up a VPN is choosing a strong password. You want to pick a password that is not too easy to guess (and that you will remember). We recommend using a combination of upper and lower case letters, numbers, and symbols to create your password. Once you have created your password, save it in a safe place (such as a password manager).
Choosing the right type of encryption will also affect your choice of password. If you are connecting to a VPN server that uses SHA-1 or MD5 for their hashing algorithms, you will need to change your passwords once you log in (the server will not accept old passwords anymore).
Choose The Right Location
Another important consideration when setting up a VPN is choosing the right location. You will want to pick a place that is far enough from your home area so that any activity you do (e.g. browsing the web or sending emails) does not appear to come from your normal IP address (this could potentially lead to suspicion and security threats).
If you are connecting to a public WiFi hotspot at a coffee shop, hotel, or airport, be sure to choose a location that has a strong password protection enabled (WifiGuard is a free app that you can download for Android and iOS that provides extra security for your WiFi connections). If this location is in an area that is densely populated by scanners and snoops (such as a city center or a college campus), you will want to choose a location that has a significant amount of physical distance between it and these locations (preferably in a different country).
Isolate And Segregate Conflicting Networks
Even if you choose the right equipment and location, you will still have to deal with conflict. This is because different networks (e.g. your home network and the network at your place of work) may try to share the same IP addresses. To prevent this, you will have to either setup a hostname mask on your router to give each network a unique IP address or you will have to connect each network to a separate VPN server (and change your VPN clients to connect to different servers).
Even then, you will still have to be careful about which networks you connect to. You do not want your home network to have access to your work network or vice versa. This could lead to security risks if one of the networks is compromised.
Make Sure Everything Is Set Up Correctly
Even after you have set up your VPN and all your devices are connected, you will have to make sure that everything is operating correctly. Along with your VPN server, you will need to have a firewall in place to protect your network from attack. You also want to make sure that your devices have the necessary permissions to communicate with each other and with the VPN server (e.g. to access shared directories or to update their software).
To ensure that your VPN connection is secure, you will need to update your firmware on all your devices (e.g. your router, your VPN client, and your mobile phones). Additionally, you will want to change the passwords on all your devices (including your router) and remove any suspicious apps that may have been installed on them (such as keyloggers or VPN clients that were secretly installed by hackers). Finally, you will want to make sure that your network is secure by default (e.g. by changing the default passwords and/or restricting the users that can log on to your devices).
Once you have followed these steps, setting up a VPN on your network will be a piece of cake!