If you like using a VPN provider on your router so that multiple devices on your network can take advantage of the VPN, you may find it hard to manage your VPN connections and choose different exit gateways based on performance or geo-location requirements.
VPNExiter is a GoLang service which runs on your router (or other device) and makes it convienent to manage your VPN connection.
VPNExiter is no longer being developed at this time as I've ended up moving to another solution and no longer need this.
VPNExiter is in early beta. Right now I have it working for a single use case to the point where it is useful. But I'm sure there are bugs and lots of missing features before I consider it "good enough".
Feel free to download and give it a try, but right now I'd consider it only usable by advanced users. Bug reports and pull requests are welcome!
Development was done targeting the Ubiquiti USG and EdgeRouter Lite-3. These were picked due to their low cost and relatively limited hardware specs (dual-core 500Mhz MIPS64 CPU and 512MB of RAM). Hence, you should be able to run VPNExiter on any hardware/OS that GoLang supports.
It's easy to run VPNExiter as a service on your NAS or home computer. VPNExiter supports controlling the VPN service on your router via SSH.
You can also run VPNExiter on a computer on your network via Docker. This is a more complicated setup, since VPNExiter has to SSH into your router to reconfigure it, but may be preferable for some use cases.
Tested VPNs are:
However, any VPN solution that meets the following requirements should be possible:
Vendor
name and VpnServer
which matches the selected IP address or hostname of the selected server.If you're looking for a secure VPN provider, I personally like and use PersonalVPN from Witopia. If you're interested in signing up, you can use my referal link to get at 15% discount and I get an equal credit.
VPNExiter supports two different integration types:
Configuring VPNExiter is done via a single config.yaml file. Required fields are in bold and optional fields are in italics.
The listen
block configures how VPNExiter runs
htpasswd -nbB <username> <password>
If you enable resolve\_servers
for one or more vendors below, set
dns_refresh_minutes
to a value => 5 to enable refreshing those DNS entries.
VPNExiter supports both a browser-based Speedtest URL which can be directly embeded or run the speedtest-cli on the router.
The router
block configures how VPNExiter should connect to the router and manage the VPN tunnel.
ssh
or local
/etc/ipsec/ipsec.conf
sudo /usr/sbin/ipsec start
sudo /usr/sbin/ipsec stop
/usr/sbin/ipsec status {{.Vendor}}
/usr/sbin/ipsec status {{.Vendor}}
CONNECTED
The vendors
block lists all the configured VPN vendors.
Each VPN vendor has it's own block.
vendor name 1 // name of vendor. Must match an item in vendors
true
| false
to enable DNS lookup of IP addresses for any hostnames listed as servers. Default is false.vendor name 2