cryptomon wrote: parityboy wrote:@OP
As for alternative firmware, I have a physical ADSL router which is untouched, but "behind" it I run a virtualised instance of pfSense. I also have a couple instances running LEDE and OpenWRT but they are just for testing purposes, nothing serious.
This sounds like an interesting area to get working on. Just got to get my head around what hardware configuration is required. Can a virtualised instance of pfSense run on the same PC etc..? Is it an alternative to OpenWRT?
Yes, it's an alternative to OpenWRT in that it is a router/firewall distribution. Yes it can run on the same PC (which is what I do) which will have a lot more horsepower for encryption than a domestic router will.
You will need a bare minimum of two physical NICs:
- NIC 0 will serve as the WAN port for pfSense (this one will be "unconnected" on your host PC). This connects to your physical upstream router.
- NIC 1 will serve as the LAN port for pfSense (this one will be "connected" on your host PC so that traffic generated by the host PC will be routed through pfSense).
- The VM will be configured with two virtual network adapters, each bridged onto their respective physical adapters.
- Once you install pfSense onto the VM, you configure its LAN and WAN ports accordingly. The WAN port can have a static IP address or get one from your physical router via DHCP. The LAN port will have a DHCP server to dole out addresses to your PC and anything else connected to that second NIC - e.g a network switch with other devices attached.
From here you can configure one or more client instances of OpenVPN to connect to different exit nodes, you can even group them for load balancing and failover. There's a guide
in the HOWTO section.