A beginner's query concerning the purpose of self-hosted VPN servers

Inquiry
While using a third-party VPN, I can access geo-restricted content in addition to enhanced encryption and “privacy” because my traffic is not only encrypted but also tunneled through one of their servers situated in a foreign country, masking my public IP address from my default territory to the website that I’m accessing.

But how about a VPN that you host yourself at home?

It doesn’t alter my public IP address through tunneling in addition to encrypting the traffic, correct? Given that I can’t access geo-restricted content even after utilizing a self-hosted VPN server, what use is it?

Why isn’t the built-in HTTPS encryption sufficient if the primary goal here is data encryption? What other encryption-related advantages can a self-hosted VPN offer? If my understanding is correct, my ISP (and hence the government) may still use packet inspection to examine the web servers I am pinging using my public IP address even while I’m using a VPN.

6 Likes

No, IP masking is NOT the foundation of a VPN. The tunnel is encrypted. It’s used to provide secure access to the remote end. Subsequently, open VPN providers release your information online, making it appear as though it was sent by them.

You would set up a personal VPN server to provide secure access to the network at home. This might be done to benefit from your home security system (strong firewall, pihole and additional anti-ad technologies, etc.) or to access additional self-hosted resources (file servers, etc.).

5 Likes

In passing, if your primary objective is to access geoblocked material and you would want to run your own VPN, you may obtain a DigitalOcean droplet or instance from a cloud provider and set up a VPN on it. Although you have the option to select the datacenter location, most of them are far more restricted (for example, offering just Germany or the US) than commercial VPNs, which may provide hundreds of countries.

4 Likes

The issue I’ve discovered with this—and I do manage a couple of personal VPS instances—is that many streaming providers have blacklisted entire collections of data center IP addresses. Geo-restricted content and streaming services are not something I use my VPS for, but if I did, I would definitely just pay a provider $5–10 a month. By then, it makes little difference if your VPN company keeps logs or not because you’re not engaging in any dubious activity.

4 Likes

Hosting a server for your VPN at home would allow you to connect to your own private network remotely. You can establish a connection to your home VPN server if you need to access anything on your network when you are away from home.

Only communication over a VPN between a client and server is secured. You won’t gain anything by using your home network to connect to a VPN when you’re at home, unless you’re seeking to reduce risks that are present there.

Using an AWS EC2 VPN server might be a preferable option.

3 Likes

Hosting a VPN server at home allows you to access your residence network remotely.

Is there a problem with SSH or another RDP?

2 Likes

Because connecting via a VPN to your local network and then utilizing SSH is safer than opening SSH to the internet.

Opening SSH to the internet will cause it to be constantly hacked.

2 Likes
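An added illustration of the reply above, not part of the thread: a small Python check that reads an `sshd_config` and reports whether SSH is bound only to addresses inside the VPN subnet, which is the arrangement that reply recommends over opening SSH to the internet. The `10.8.0.0/24` VPN subnet, the function names and the sample configs are constructed assumptions.

```python
import ipaddress

def listen_hosts(sshd_config):
    """Return the host part of every ListenAddress directive (keywords are case-insensitive)."""
    hosts = []
    for raw in sshd_config.splitlines():
        parts = raw.split("#", 1)[0].split()      # drop comments, split keyword/value
        if len(parts) < 2 or parts[0].lower() != "listenaddress":
            continue
        value = parts[1]
        if value.startswith("["):                 # [IPv6]:port
            host = value[1:].partition("]")[0]
        elif value.count(":") == 1:               # IPv4:port or hostname:port
            host = value.split(":")[0]
        else:                                     # bare IPv4, bare IPv6 or hostname
            host = value
        hosts.append(host)
    return hosts

def ssh_binding(sshd_config, vpn_cidr):
    """Classify where sshd listens relative to the VPN subnet.

    'vpn-only'      every ListenAddress is inside vpn_cidr
    'all-addresses' no ListenAddress given, so sshd binds every local address
    'not-vpn-only'  at least one listener is outside vpn_cidr (or is a hostname)
    Whether a non-VPN listener is reachable from the internet still depends on
    the router's port forwarding and firewall rules.
    """
    vpn = ipaddress.ip_network(vpn_cidr)
    hosts = listen_hosts(sshd_config)
    if not hosts:
        return "all-addresses"
    for host in hosts:
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            return "not-vpn-only"                 # hostname: cannot be proven to sit in the VPN
        if addr.version != vpn.version or addr not in vpn:
            return "not-vpn-only"
    return "vpn-only"

# Constructed sample configs (assumed VPN server address 10.8.0.1).
VPN_ONLY = "Port 22\nListenAddress 10.8.0.1\n"
DEFAULT = "Port 22\n#ListenAddress 0.0.0.0\n"
MIXED = "ListenAddress 10.8.0.1:22\nListenAddress [::]:22\n"

if __name__ == "__main__":
    for name, cfg in (("vpn_only", VPN_ONLY), ("default", DEFAULT), ("mixed", MIXED)):
        print(name, ssh_binding(cfg, "10.8.0.0/24"))
```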

Nothing. With the exception of RDP, which restricts you to the device’s apps and services, SSH only permits TCP connections. VPNs don’t give a damn. It is capable of handling all IP traffic.

2 Likes

SSH with keys works well up until a vulnerability. It cannot be exploited by using a VPN if there isn’t an exploitable weakness in both SSH and the VPN.

I will never allow RDP to connect directly to the web unless it is through an Active Domain, and even then, VPN use is required in corporate settings.

1 Like

Regarding the last sentence of your post, I was thinking the same thing and made a post in this sub about a week ago. I asked if it’s possible to avoid both the ISP seeing what sites I’m going to (self-hosted VPN) and VPN providers seeing what sites I’m going to (3rd-party VPN).

The answer is that it’s impossible. So to answer your question, I have no idea why you would self-host a VPN if you’re looking for more privacy.

Indeed, it appears that our definitions of what a VPN is were incorrect. IP masking and circumventing geo-restrictions aren’t really VPN capabilities; they’re merely things that third-party VPN companies pretend to offer.

Why you would self-host a VPN if you want more privacy is beyond me.

In essence, it’s a secure alternative to SSH or RDP for remote server access. Look at the comments above; one person gave a really clear explanation, which alone allayed my concerns.

According to what I’ve learned, self-hosted VPNs cannot provide IP masking. Your best option is to either ask a reliable contact who lives abroad to run a VPN server there, or rent a server (this is where third parties come into play).