A while ago I was using NordVPN as service to block some adds and „change“ my location + IP address.
Now I managed to install a setup of PiHole and OpenVPN. With this I’m able to make use of all the known pros of PiHole - even on my mobile phone. However, I’m not able to „change“ my location and IP address anymore.
What are the most common ways to add this level of privacy to a setup like mine?
To be able to change your IP address (which in turn may change your detected location) you either need to own those IPs or use a service that allows you to route your traffic (ie, VPN and proxy).
So the possibilities are :
-
Installing NordVPN client (they got OpenVPN profile too) on your router/Pi, so all traffic eventually go through NordVPN which egress IP can be changed, or
-
Exposing your PiHole through DoH/DoT, use NordVPN directly in your devices and set them to use your private DoH/DoT. To prevent others from using your PiHole as DNS, you’d need to have your own domain where you can generate wildcard cert, then drop any request except those that use a unique subdomain you pick. You can’t use a cert for a specific subdomain directly, because certificate transparency means anyone can look it up.
You would need to ensure that the machine you have hosting your VPN instance, is itself connecting through a VPN instance.
No amount of configuration is going to change your public address or the physical location of the machine hosting your Pi-hole/VPN server.
I guess you can’t change your IP, only your isp can. The vpns like open vpn or WireGuard create a tunnel to your home ip so to speak, while those nord vpn like vpns are tunnels from your device, wherever it is to an endpoint they own and hopefully keep safe. Proxies can have the same effect, but they’re not tunneled, that’s what I believe to have understood, which will be refuted in a minute.
So the First Option is something like this, right?
The second option seems to be interesting too but more complex to install properly. I will look into this. Thank you!
Ok so would have to install something like nordVPN on my rpi and route the DNS requests through the pihole, right?
PiHole can be disabled for an amount of time for example. Would there be such a possibility for the commercial VPN like nordVPN too? Because when downloading a large amount of data I would like to disable the service of course…