When I got my new internet connection, I wondered about using a VPN to keep the router from knowing my browsing habits. I was concerned as the router was provided by the internet provider and they probably had remote access to it for troubleshooting, possible snooping too.
Does a VPN hide browsing history from router? A reputable VPN will hide the browsing history from a router by creating a secure encrypted connection from the VPN software to the VPN server. The router will only see the encrypted connection and will not be able to see any information inside the connection.
Reputable VPNs are essential to protect privacy and keep yourself anonymous across the internet. Providing essential protection against tracking from hackers, governments to surveillance agencies.
End to end VPN encryption
It’s vital any VPN used is capable of end-to-end encryption from your device to the VPN server you are connecting to. This will ensure the connection is encrypted, making the traffic passing across the VPN connection invisible to the router.
The router will only see the encrypted connection and will not be able to decrypt the connection as the cryptographic key used to encrypt the connection will only be known by the VPN client software on your device and the VPN server the connection is being made to.
Not all VPNs provide the protection of encryption end-to-end from the VPN client to the VPN server, with proxy VPNs being particularly poor at encryption.
These VPNs are not really VPNs in the traditional sense, as they only anonymise the user (by hiding their real IP address) but don’t necessarily provide the protection of encryption, so the traffic from the web browser to the internet passes across router and is clearly visible to the router.
VPN Plugins and extensions can be added to popular web browsers like Chrome to Mozilla Firefox, allowing web traffic from these browsers to be encrypted as it travels on towards the VPN server these VPN plugins connect to.
Whilst some of these VPN plugins do provide protection against any of the web browsing traffic from being visible to the router, they only protect the traffic from your device leaving from the web browser.
They don’t protect the traffic outside of your web browser as this travels across normal connections, that is, as it would travel without a VPN. The router will be able to see this traffic as it isn’t protected by the encryption offered by the VPN.
Traffic such as email (from email software like Microsoft Outlook), instant messaging to torrenting (using a torrent client that’s not web based) will pass unprotected across the router, making it visible to the router, allowing the router to be able to see all the information passing through.
Leak proof VPN
Some VPN services are prone to leaks, by leaking information on what is being browsed, it is possible to give away not only what is being browsed but who is doing the browsing. As the real IP address (the one provided by the ISP and not the VPN provider) becomes visible.
It is essential to make sure the VPN protects against common leaks like DNS leaks and WebRTC leaks. As leaking information this way, means the connection across the router even though it is encrypted, the destination of the connection is visible.
As an example, if I connect to a website like google.com and use a VPN with solid leak protection, the router will only see my connection to the VPN and will not see I’m connecting to google.com. Now if the VPN has poor DNS leak protection, when I connect to google.com using the VPN connection, the connection will use services my ISP provides instead of the VPN provider to work out where the google.com website is located.
These services include the DNS name services, an essential component of todays internet, to translate the website google.com into an IP address, that will be used for different devices that route connections across the internet to able to determine where the google.com website is located and the path to take to make a connection.
As the VPN DNS name service is not being used, the connection will use the ISP DNS name service and this will travel over the router and be clearly visible to the router, as it won’t be travelling over an encrypted connection as it would so if the VPN has DNS leak protection.
It is this real IP address that can be used to get the identity of the person through a court order. The court order forces the ISP to give details of their customer who was assigned the real IP address at a particular date and time.
So, if a copyright holder is trying to find out the real identity of someone who was using an IP address on a particular day and during a particular time, they can get his information from the ISP that owns the IP address by using a court order.
VPN on the router
Can I put a VPN on my router? As long as the router can run the VPN client software then the router can be used as a VPN router, allowing VPN connectivity all the time, protecting all devices connecting to the internet using that router.
Unfortunately, many routers provided by Internet Service Providers (ISPs) are quite basic and don’t have the capability of allowing VPN software to be installed. This is down to these routers being low cost versions, with no frills functionality.
By using an additional VPN router to connect to these ISP routers, internet connections can be made to the VPN router, which will encrypt the connection before passing it on to the ISP router.
What is a VPN router? Some routers have built-in VPN functionality where the router has firmware capable of providing VPN connectivity, so these routers won’t require any additional VPN software to be installed onto the router itself.
These VPN routers are ideal in ensuring all devices that connect through it can automatically use the VPN connection, even if the device itself has no VPN software running on it.
I use a VPN router to ensure all the connections made in my household are routed over the VPN router. What I find really great about this solution, is my Smart TV can also connect to the VPN router, allowing me to get to different regions, so I can connect to a VPN server in Germany, in Australia to Japan. This makes it possible for me to watch programs in different regions from the different streaming services I subscribe to.
Without a VPN router, it would be difficult to connect to another region other than my own region.
Routers with built in VPN
Which routers have built in VPN? Routers with built-in VPNs include the Linksys WRT 3200 ACM router, Asus RT-AC86U router, Asus RT-AC5300 router, Linksys WRT32X Gaming Router, D-link DIR-885L/R router and the Netgear Nighthawk X4S VDSL/ADSL Modem Router D7800.
According to the Techradar review for the best router VPNs the routers listed above are their top choices.
Some of these routers have specific firmware available from VPN providers like Express VPN, however it is important to note, installing any other firmware other than the one supplied by the router manufacturer could invalidate the warranty of the router.
On the Linksys routers, in the router settings there’s options for connectivity and it’s in these settings that router firmware updates can be made like those from Express VPN.
Many of the devices listed have the option of installing DD-WRT firmware, which is an open-source Linux based operating systems for routers. By installing DD-WRT firmware additional options become available like being able to install VPN software.
Some of these routers will only allow L2TP protocol-based VPNs to work and unfortunately L2TP/IPSec is a weak security protocol and doesn’t provide any adequate level of encryption, therefore if anonymisation is your only goal then L2TP should be fine.
Linksys WRT 3200 ACM router
This router has the option to install DD-WRT firmware allowing for VPN connectivity as well as allowing the installation of VPN firmware like Express VPN’s firmware update. Check latest price on Amazon here.
Asus RT-AC86U router
This VPN includes VPN features as well as the option to install additional firmware like Express VPN, as well as built-in PPTP VPN connection configuration options. Check latest price on Amazon here
Asus RT-AC5300 router
This router allows a PPTP based VPN connection to be created. The Express VPN Open VPN based firmware can be installed on most Asus VPN routers allowing traffic to be diverted via the Express VPN servers. Check latest price on Amazon here.
Linksys WRT32X Gaming Router
This router has an excellent VPN client feature allowing traffic to be routed through a specified VPN server with minimal configuration required. Check latest price on Amazon here.
D-link DIR-885L/R router
This router has the Quick VPN feature allowing the enabling of L2TP over IPSec. As stated earlier this VPN protocol is not as secure as other VPN protocols and only provides anonymisation features. Check latest price on Amazon here.
Netgear Nighthawk X4S VDSL/ADSL Modem Router D7800
This router has the DD-WRT firmware allowing for additional features. The VPN settings are straightforward by selecting the VPN Service option in the configuration dashboard and enabling it. Check latest price on Amazon here.
By using a reputable VPN, your browsing history can be protected from your computer to the VPN server, so the router and any other routers involved in sending your information across the internet to the VPN server will not be able to see your information including your browsing history.