One of the best ways to protect yourself when you are out with your laptop or other portable device that requires wireless access is to use a VPN.  Though not necessarily the most user friendly product to setup, the benefits in security can be worth the trouble.  There are many ways to setup a VPN using software only, but today I would like to cover OpenVPN that is built in to Untangle.  Early versions of the Untangle router software included OpenVPN which allowed you access to your network, however starting with version 9.3, it includes a full tunnel option not previously available.  In my opinion, this is a game changer for Untangle.


Background and Rationale

What is a full tunnel and why do I want it?  A VPN can be configured in two basic ways, a split tunnel and a full tunnel.  A split tunnel is only secure when accessing your network such as your files, NAS or computer.  When you are browsing, you are completely unsecure and open to threats.  A full tunnel routes everything to your router and is then sent to the internet from there.  Another words, you will establish a secure connection to your router from your laptop, and your router will route the request to where you want to go.  Why is that important?  Say you are at a Starbucks or other public WiFi and you want to surf the internet.  The entire time you are surfing, you are exposed even when going to safe sites.  Granted, if you connect to say your bank, you will be accessing a secure connection, but everywhere else you are open for people to sniff what you are doing and where you are going in hopes of capturing personal information.  When using a VPN tunnel, your connection from your laptop is made to your VPN and never leaves it.  When your request to go to a web site, the request is made from your laptop, through the secure VPN connection, and your router will send that request to the site.  The information is then routed back from the that site back to the router, and from the router back to your laptop.  Just to be clear, only the connection is secure, and of course it does not stop you from going to malicious sites, but it does protect you from what happens when you are using a public hotspot (see the lower section for additional benefits of using a VPN).



What are the drawbacks?  For starters, the main drawback is that depending of the hardware you have and the speed of your internet connection, it can be a bit slower.  Since the traffic has to go to your router/firewall, get routed to the site, and then back to router then back to laptop, there could be some very minor delays.  The faster the connection, the less the problem.  The other drawback is that it is a bit more complicated to setup.  Many solutions out there offer VPN but only a few offer full tunneling.  In the end it is all about how important security is to you.  For me, the choice is simple.  Since I do occasionally have to use public hotspots as well as having access from work, a tunnel is the only way I can go.  Lastly, setting up something like Untangle with Open