Using VPN inside my home LAN?

Page 1 of 2 12 LastLast

  1. Posts : 345
    Windows 10x64 Pro
       #1

    Using VPN inside my home LAN?


    Whenever I see VPN, it says that it's used to access your home LAN from the outside when I'm not home (thru the internet), but what if I want to use VPN inside my LAN? Can it be done? The reason I'm asking this is that I sometimes use Wifi for certain devices in my LAN (smartphone, tablet, etc), and AFAIK the data exchanged during wifi sessions is not encrypted (only at user login), opening the door to wifi sniffers.
      My Computer


  2. Posts : 18,424
    Windows 11 Pro
       #2

    You need to turn on WPA2 encryption for your WiFi connection on your router. Most routers from the last 10 years or so should have WPA2.

    What Is the Strongest WiFi Encryption? | Chron.com

    Using VPN inside my home LAN?-capture.jpg

    When you attempt to connect to your WiFi, your computer will automatically detect the encryption and ask you for the password, which you will have to supply to connect. That encrypts the data flowing on the WiFi connection. The alternate way of connecting is with the WDS button - but I personally just use a password.

    I have not found a way to even test my VPN within my own LAN. When I want to test my VPN connection, I share the LTE data on my cell phone via WiFi, connect my computer to that which gives me an outside internet connection. Then I test my VPN that way.
      My Computer


  3. Posts : 345
    Windows 10x64 Pro
    Thread Starter
       #3

    NavyLCDR said:
    You need to turn on WPA2 encryption for your WiFi connection on your router...That encrypts the data flowing on the WiFi connection.
    Hi Navy, yes, I use WPA2 encryption, but the point is, are you sure that it encrypts the data flowing on the Wifi connection or only the data exchanged during login (password)? AFAIK, it only encrypts the password and not the data flowing while you are logged in, but I may be wrong.
      My Computer


  4. Posts : 18,424
    Windows 11 Pro
       #4

    antares said:
    Hi Navy, yes, I use WPA2 encryption, but the point is, are you sure that it encrypts the data flowing on the Wifi connection or only the data exchanged during login (password)? AFAIK, it only encrypts the password and not the data flowing while you are logged in, but I may be wrong.
    Did you read the article I linked to? It encrypts the data after the connection is made. Here is more info:
    How secure are WPA2 keys? - Information Security Stack Exchange

    In WPA2-PSK, the traffic is encrypted under a key that is derived from the PSK and from some values that are exchanged in the clear during the initial handshake between the device and the router. (There is no public-key crypto involved in this stage; it is all symmetric-key crypto.) Consequently, an eavesdropper who has captured the entire network trace and who knows the PSK can re-derive the decryption key and then decrypt all of the traffic.

    Alternatively, if the attacker has not captured the initial handshake, the attacker can force the device to disassociate and re-associate. (The disassociate command is not authenticated, and thus can be spoofed by the attacker.) This will now let the eavesdropper capture the initial handshake when the device re-associates and decrypt all subsequent traffic, if the eavesdropper knows the PSK.
      My Computer


  5. Posts : 345
    Windows 10x64 Pro
    Thread Starter
       #5

    Thanks Navy, I have read similar info elsewhere, and even if all data is encrypted as said in the article, even with WPA2-PSK, the wifi network is vulnerable to attackers. I wonder if using VPN inside the LAN (if possible) would add an extra layer of security to wifi.
      My Computer


  6. Posts : 9,765
    Mac OS Catalina
       #6

    Using a VPN inside of a LAN is just going to cause huge headaches.

    As for wifi signals being looked to be attacked. It is not as big as you think.

    It is the connection to your ISP that is always under attack. A Good Gateway with proper Firewall rules, strong Wifi Passphrase, no remote connection over Internet are the key things to remember.
      My Computer


  7. Posts : 18,424
    Windows 11 Pro
       #7

    bro67 said:
    Using a VPN inside of a LAN is just going to cause huge headaches.

    As for wifi signals being looked to be attacked. It is not as big as you think.

    It is the connection to your ISP that is always under attack. A Good Gateway with proper Firewall rules, strong Wifi Passphrase, no remote connection over Internet are the key things to remember.
    And not only the connection to the ISP, but also the corporate servers always under attack too. At home, the biggest benefit to using WPA or WEP is not really to encrypt the WiFi traffic itself - but to keep neighbors from connecting to your router and stealing your internet bandwidth (ever seen The Big Bang Theory episodes and Penny stealing the boys' WiFi?). In order for a hacker to steal your information from the WiFi traffic, the first thing they would have to do is sit within range of your WiFi signal. I just don't see it worth it to a hacker looking to steal information to be parked in your driveway for hours at a time in order to get a couple of your account numbers/passwords or steal a movie you might be streaming. They are more likely to go after the point where a large amount of different persons' information is and that they can hack into from a remote location.

    WPA only encrypts the traffic between your WiFi adapter and the router. What you really want to look for for the outside connection is an https:\\ website to transmit sensitive information - the https:\\ traffic gets encrypted all the way from your computer to the destination website - including the WiFi portion of the trip.
      My Computer


  8. Posts : 345
    Windows 10x64 Pro
    Thread Starter
       #8

    bro67 said:
    It is the connection to your ISP that is always under attack. A Good Gateway with proper Firewall rules, strong Wifi Passphrase, no remote connection over Internet are the key things to remember.
    You mean to say that it's advisable to use a gateway other than the ISP's? If so, which one?

    NavyLCDR said:
    At home, the biggest benefit to using WPA or WEP is not really to encrypt the WiFi traffic itself - but to keep neighbors from connecting to your router and stealing your internet bandwidth
    I'm not really concerned about that, I only use wifi ocasionally, plus I have a strong password (16 characters) plus I have auto notifications of devices attached to the wifi router

    NavyLCDR said:
    In order for a hacker to steal your information from the WiFi traffic, the first thing they would have to do is sit within range of your WiFi signal. I just don't see it worth it to a hacker looking to steal information to be parked in your driveway for hours at a time in order to get a couple of your account numbers/passwords or steal a movie you might be streaming. They are more likely to go after the point where a large amount of different persons' information is and that they can hack into from a remote location.
    I agree on that one, a public wifi like airports, starbucks, hotels, etc is more prone to attacks than a private home

    NavyLCDR said:
    WPA only encrypts the traffic between your WiFi adapter and the router. What you really want to look for for the outside connection is an https:\\ website to transmit sensitive information - the https:\\ traffic gets encrypted all the way from your computer to the destination website - including the WiFi portion of the trip.
    I agree on that too, problem is that not all websites are "https", i.e., non encrypted, and that's when you need a solution like VPN. Also, even if you visit an https, if you have no VPN, someone might find out that you visited that website. With VPN all your traffic, including websites visited are encrypted, so your privacy is complete (as long as the VPN server deletes your history)
      My Computer


  9. Posts : 5,478
    2004
       #9

    antares said:
    I agree on that too, problem is that not all websites are "https", i.e., non encrypted, and that's when you need a solution like VPN. Also, even if you visit an https, if you have no VPN, someone might find out that you visited that website. With VPN all your traffic, including websites visited are encrypted, so your privacy is complete (as long as the VPN server deletes your history)
    A bit OT bit if you are that concerned about privacy you could consider the Tor Project: Anonymity Online

    It isn't a complete solution as some websites will block traffic coming from known TOR exit nodes (this is the IP that your request appears to originate from) but then they also block traffic coming from known VPNs. I certainly trust the open source Tor Project over a commercial VPN provider promising not to keep logs but as I don't have anything to hide I have nothing to fear (thought I'd preempt someone else saying that).

    Performance is OK for normal use but it isn't suitable for high bandwidth use (streaming, torrents etc) really and is not recommended for such.
      My Computer


  10. Posts : 345
    Windows 10x64 Pro
    Thread Starter
       #10

    lx07 said:
    ...as I don't have anything to hide I have nothing to fear...
    It does not necessarily mean you have something to hide, or at least it's not my case, it has to do with privacy and security which should be a right for anyone surfing the net. In my case, I started this thread because I always had a wired home LAN (still do), mostly because I don't trust wifi security (plus the concern over wifi radiation, speed, battery saver, etc). Only recently I added a wifi router to my wired LAN which I use occasionally for convenience in certain circumstances (internet access for my friends/smartphones, etc), so I was trying to see the way to optimize security/safety under wifi.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 14:00.
Find Us




Windows 10 Forums