I purchased a VPN Router two years ago and ChatGPT finally helped me configure it exactly how I wanted to…
I desperately wanted that to be my reality. In truth, ChatGPT took me down a very hope filled enthusiastic journey, that ended in flames 8-hours later. But fear not, there is ultimately a happy ending, and the journey was full of learning and a good dose of intellectual stimulation for my troubles!
The Early Days
I remember my first networking class in college many many years ago. I had a knack for visualizing how packets moved about through networks, and how routers and switches determined what was allowed and what was blocked and where to forward information to. I even enjoyed applying binary math for calculating the network boundaries.
I considered getting a CCNA certification so I could be a certified network nerd, but I found it too boring and hard to keep engaged with because I did not have physical devices (or even simulations) to experiment with.
Set it and forget it
For years and years I used OpenWRT on a $40 Linksys router at home, I was a proper nerd refusing to buy or lease expensive fancy routers. When I bought my Texas mansion I upgraded the electrical to run CAT6 into every room in the house. It was going to have wired access points in every single corner and be a wifi nirvana, no weak signals! Suddenly I only wanted an expensive fancy router to fulfill my dreams and went with the OG TP-Link Google OnHub router and it’s accompanying access points. It checked all the boxes and worked extremely well for my needs for a solid 7 years. Even with forced device upgrades due to end-of-life announcements, I was still quite happy with my setup.
Then one fateful day in October 2024, at 1pm in the middle of my workday, my Internet stopped working. Did the usual things, and though it took 48-hours of debugging to get a definitive conclusion, this firmware update is to blame for breaking my iron-clad-stable Spectrum 300mbps internet connection.
The Spectrum internet was fine without the Google router and the Google router was fine without the Spectrum modem, but together we were at an impasse.
I tried various gateway setups, but none of them were ideal. In one of my experiments, I had purchased a VPN server, I recall trying to get it to work as a gateway device sitting between the Spectrum modem and Google router. Every configuration I tried brushed up against Google Nest’s ridiculously basic routing and Double NAT issues. OpenWRT did support for my older Google Access Points, but I just didn’t have the kind of time I did in my 20s to fiddle around with it, and if I was going to go the OpenWRT route, I could also go with Ubiquity instead – spend money to save time.
In the end, given the sunk cost in my setup, plus the time and effort to reconfigure over 40 smart devices on my home network – smart TVs, thermostats, lightbulbs, etc., was not one I was willing to entertain, so even though Google Nest was at fault, it would stay. I made a switch to AT&T Fiber (Spectrum could not guarantee me a different model modem) and got everything working again. The VPN server went into my network closet to gather dust until a future project.
VPN dreams resurrected
Fast forward 14 months and I found myself researching how to get Wireshark and OpenVPN on Docker in my Synology NAS and remembered that I had this VPN server in my closet, and a super smart AI companion to accelerate my research! I wonder how much time I would have saved if I’d thought to use it then!
A few prompts and 10 mins later, I had a potential path forward, and a reason why didn’t work before – don’t make it a gateway, just make it a VPN endpoint!
A couple more prompts later and I had a plan of attack. I got so excited about the possibilities that I increased the level of complexity, not only were we going to set up Wireguard, we would also setup OpenVPN as a secondary option on hostile networks AND we would set them both up in full tunnel mode, so that all my remote traffic appears as though its coming from my home network.
And so I spent my Saturday with ChatGPT, my desktop, laptop and my cellphone with hotspot ready to test every configuration. It was a very long session and I asked ChatGPT to summarize our starting hypothesis, the various paths we pursued and where we ended up in a blog post format, I’ll post that in Pt. 2.
Closing Thoughts (from ChatGPT)
Nothing in this process was wasted time. This exercise reinforced an important truth about networking – understanding the constraints of your hardware matters more than knowing the protocols.
And once you see those constraints clearly, the right design becomes obvious. The solution was to stop fighting the hardware and accept that not all “VPN-capable” routers fit all topologies. The best path forward is to follow the original plan to run WireGuard and/or OpenVPN on the Synology NAS
Never mind that this conclusion is only possible in retrospect, after trying and failing multiple “this-one–is-definitely-going-to-work” paths. ChatGPT was the enthusiastic bestie to the very end, then turned into a wise professor sharing words of wisdom as though they were always obvious.