Hey guys.
First thing first I’m a complete noob in networking, so forgive me if my question is stupid and in the wrong section of the forum.
My router is RB951G-2HnD, currently running on RouterOS v6.43.4
So what I want to achieve is to be hidden when browsing from home through various devices. That include all PCs, phones, Android TV Boxes (Kodi) and downloading torrent files through a NAS that doesn’t support a VPN client itself. The most important to me is staying anonymous when torrenting through the NAS and when using Kodi.
Which is the easiest (and if possible cheapest) way to achieve this with the router? Is it possible to exclude a device from the VPN? For example, I watch Netflix with my TV and I do NOT wont to use the VPN for that.
Best VPN is one you make yourself, host CHR somewhere and use native Mikrotik protocols (EoIP,IPIP,etc.)
Generally avoid TCP based protocols (SSTP,OpenVPN) for performance reasons (single TCP connection), always prefer UDP ones (PPTP,L2TP,…).
Obviously it all depends on what you are trying to do, if you are trying to break free from China, your options will be quite different then when you are in a “free world” and can simply pick any protocol you have and it will work…
Guys, maybe I asked the wrong question.
What I mean is what is the easiest commercial VPN to use/configure with Mikrotik. And I need a solution to my specific needs - hiding my identity when using torrent client or when watching online content with Kodi. Where I live (New Zealand) that’s not an issue at the moment, but you never know. At some point, we may follow Australia (as we usually do), where watching online content and downloading torrents is a huge issue. That is all. I can’t create my own VPN and host it somewhere. All I have at home is a couple of notebooks, a cheap NAS (with a torrent client - Transmission) and an Android TV box with Kodi installed.
I guess what I need is a tutorial like this one: https://support.hidemyass.com/hc/en-us/articles/204558497-Mikrotik-Client-Setup
The thing is I have no idea if this one will do what I want.
[quote=philsabraham post_id=747982 time=1567436880 user_id=147579] [quote=nikolav75]
Which is the easiest (and if possible cheapest) way to achieve this with the router? Is it possible to exclude a device from the VPN? For example, I watch Netflix with my TV and I do NOT wont to use the VPN for that.
[/quote]
If you are looking for a cheapest option then CyberGhost VPN is good and less expensive. But what actually you need a featuire called Split Tunneling, which allow certain apps (whatever app you want) to use VPN and rest will not be used when VPN connection is on. There are very few VPNs that offer this feature. PureVPN offers split tunneling (which I will never recommend) rest is ExpressVPN (which is expensive) but good for all your needs. You can even Google and find more about it.
[/quote]
Total BS…
Leaving IPSec aside, tunnelling protocol or provider has zero to do with routing or the “split tunnelling” feature you mention, which can be achieved while using any tunnelling protocol under ROS by applying common routing practices: mangle/route marks (policy routing). All this, independently from the VPN provider.
Plenty of examples on Mikrotik multi wan presentations, like Tomas Kirnak’s
Good to know. I use third party VPNs on the client side devices themselves (pc- works on most browsers, and many streaming type devices aka Firestick). I am waiting for wireguard on the router and then life will be so much easier.
