When I travel out of the country, I don’t try to access my financial accounts, because (a) I don’t know how secure the hotel WiFi is; and (b) when the financial institution sees login attempts from outside the U.S., they can block the login or lock my accounts for security risk. Meanwhile, when I’m away from home for an extended period of time, I still need to take care of some financial chores, such as paying the property tax, or simply keeping an eye on my accounts for unexpected activities.
You can buy commercial VPN services, either one month at a time only when you need it, or you can pay an annual fee to have it all year. One popular vendor charges $13/month or $100/year. I was going to look for a VPN vendor until I realized I could set up a VPN on my wireless router at home completely free.
Built-In VPN Server
Many residential wireless routers, including some inexpensive ones, already have a built-in VPN server. You just need to know how to enable it. I have a cheap WiFi router that’s a few years old, such that it’s no longer sold on Amazon. It already has a built-in VPN server. I’m sure many newer models have it too. For example this TP-Link router has a built-in OpenVPN server and it sells for only $60 on Amazon. Other router brands such as Netgear, ASUS, and Linksys all make models with a built-in VPN server.
If you are not sure whether your existing router has a built-in VPN server, look up the instructions manual for your model on the manufacturer’s website. If it doesn’t have it, upgrading to one that has a built-in VPN server will cost very little money.
Those who know more about technology have more options, such as replacing the firmware on their router or running a separate VPN server. Enabling the built-in VPN server on the existing router is just the easiest to make it work out of the box.
Dynamic DNS
After you enable the VPN server on your router, you will need to know where you will connect to when you are away from home. A router that has a built-in VPN server likely also supports Dynamic DNS (DDNS) service. The router manufacturer itself may offer the free DDNS service so you don’t have to register with a separate provider. After you register a name for your home router, the router will automatically update the IP address for that name.
For example if you use a TP-Link router and you register a name myname.tplinkdns.com with TP-Link, you put that information into your router. Your router will automatically send your public IP address to TP-Link periodically. When you make a connection, you just connect to myname.tplinkdns.com. TP-Link will send you to the public IP address for your home router.
VPN Client
After you enable the OpenVPN server and configure DDNS on the router, you will need VPN client software on your laptops and mobile devices. OpenVPN has free official client software for Windows, Mac, iOS, and Android.
The VPN client will use authentication credentials generated from the VPN server on the router. The VPN server will only allow connections from clients with the right credentials. Just follow the instructions to export the credentials and configure the clients.
A home-based VPN won’t be the fastest if you try to watch Netflix videos on it, but for the purpose of accessing financial websites while you are away from home, it’s fast enough. You are already paying 24/7 Internet service at home and your existing equipment probably already has the VPN feature. After a one-time setup, it’s all free. Because you don’t go through another third party, you don’t have to worry about what that third party is doing.
Having a home-based VPN adds security when you are away from home on public WiFi. The financial institutions will see you are just connecting from your home, as you normally do. I tested my setup using WiFi at a public library. It worked perfectly. I will use it when I travel again.
Say No To Management Fees
If you are paying an advisor a percentage of your assets, you are paying 5-10x too much. Learn how to find an independent advisor, pay for advice, and only the advice.
MF says
FYI: Opera browser has a free VPN that comes with it. You can have it use IP address from any geographical area.
Harry Sit says
In this setup you don’t go through a third party (Opera, Tunnel Bear, etc.) and you don’t have to worry about what that third party is doing.
Dave says
What are the downsides of doing this?
Seems like you are opening up your network to outside access.
Harry Sit says
You have to generate authentication credentials from the VPN server, which you then put into the configuration for your VPN client. The VPN server will only allow clients with the right authentication credentials. The VPN server can also assign the remote client to a private IP address that’s not on the same network with the local machines.
Lynne says
I recently retired to Mexico, and use a VPN to access my financial accounts for the reasons Harry cited. Really Interesting to know my router may have an in-built VPN function. I probably won’t try to find/use it because I live in a rented house that already has occasionally iffy Wi-Fi, so I’d rather not mess with it. But I find that the VPN service I use (Tunnel Bear) offers more free data than I could ever use up doing my financial housekeeping. I think you really only need to pay for VPN if you’ll be a heavy user, like streaming from your U.S. Netflix account while traveling outside U.S. (And really, if you’re fortunate enough to be traveling abroad, why are you even watching Netflix).
Dave says
Harry,
Seems like the issue is if you are on a public Wi-Fi then someone could “hack” your “stream” as you type in your authentication credentials.
Is there some way that the VPN server could offer up two-factor identification?
Harry Sit says
In the OpenVPN implementation by my router, the authentication credentials are not typed in. The VPN client is configured with the client certificate and private key. The VPN server verifies that the client _has_ the correct private key by looking at a digital signature made with the private key. The private key itself is not put into the stream. You can probably add more layers of security if you run a separate server on your own. It’s going beyond the out-of-the-box functionality provided by the router.
anonymous says
with data being the next gold, it makes sense to use privacy oriented tools when accessing internet.
here are a few examples:
Brave browser – Internet Browser
ProtonVPN -VPN
Protonmail -email/calendar
DIY VPN is fine as a starter for barebones browsing, but if you can jump to something like the above it can be for your daily workflow and not just while traveling (your home ISP is now a data gatherer who sells it to marketers).
Alice Downey says
My NetGear router is also and build-in VPN router. But at the set up this router when I tried to give default password, the IP address couldn’t be loaded. So which IP password I have to enter as a login credential?
Facebook says
We generally don’t want to access outside’s Wifi to operate our financial account, for security purpose. We just can’t trust any unknown network for this. So it will be very helpful if we can get such kind of service from VPN. It is necessary actually.
Eve Barnett says
VPN kind of adds another protection layer, simple as that. It’s not foolproof but another layer of protection is helpful. I always use a VPN on my travel kind of hassle free when connecting to hotel or public wifi