Creating separate SSID for geolocation VPN

MrM · 25 Apr 2021 at 07:15

Hi,

I’m hoping someone can provide me with some advice or point me in the right direction.

I would like to setup an additional, separate wireless SSID for the purpose of masking location via a subscription VPN, such that location is selectable as I choose.

I am fortunate enough to have FTTP, and whilst I own a Netgear R7800 router which I used to run a FTTC connection at a previous house, I haven’t been able to get it to work with my FTTP. So I currently use the somewhat limited BT Smarthub 2 connected to a Ubiquiti system where I have 5 various access points dotted around my property.

I am by no means a networking expert but I enjoy giving things a go.

If anyone could kindly enlighten me as to the easiest way to achieve what I’m looking to do I’d be very grateful.

Many thanks.

Avalon · 25 Apr 2021 at 11:31

The last time I bothered to do this, I used docker instances with Privoxy configured with tunnels to different end points, change the proxy port, it changes the docker container used and end point. You could use client tagging on something like untangle or if supported do it via vlan.

Temi_D · 25 Apr 2021 at 11:32

Essentially, what you would need is a router that allows you to create VLANs and that supports OpenVPN. What you need to do is create a VLAN and a new SSID for the said VLAN, and make sure the gateway for the VLAN is set as the VPN. This can very easily be done using a pfsense router (that's what I use) and with that you can get rid of the SmartHub entirely.

You could then copy the setup and create multiple SSIDs for different geo-locations and just switch between them as you please

MrM · 26 Apr 2021 at 08:47

Thanks. What hardware are you using for pfsense?

Caged · 26 Apr 2021 at 17:20

I did this for someone who'd already had an EdgeRouter X off me and didn't really want to replace it.

I used this guide and then tagged the new subnet as a VLAN on the switch (they already had an Aruba AP that they're borrowing off me long term).

https://lazyadmin.nl/home-network/edgerouter-as-vpn-client/

It only runs about 20Mbps because of OpenVPN and an EdgeRouter, but that's quick enough for the streaming needs. I would not recommend buying an EdgeRouter with this in mind - get a Protectli or Qotom box or something and put the firewall software of your choice on it. I'd suggest something more beefy than an Atom if you're doing this with OpenVPN in mind.

Temi_D · 26 Apr 2021 at 19:05

MrM said:
Thanks. What hardware are you using for pfsense?

I use a little, J3160 box from Aliexpress, I think they also get rebranded as Qotom/Protectii boxes as mentioned above