Dual WAN and VPN

[nunz 5]

I wonder if someone knowledgeable could answer my question.

 

[1] ASUS RT-AC87U is an AC2400 802.11ac router that has a dual WAN feature in which one of the LAN ports can be configured as a 2nd WAN port.

[2] The cable company here provides 2 public IP addresses thru DHCP.

[3] So, suppose that I start with (cable modem) --> (gigabit switch).

[4] From the switch, I will run two Ethernet lines; one to the WAN port and another to a LAN port of the router that will be configured as a 2nd WAN port.

[5] My Mac will connect to the router thru 802.11ac Wi-Fi.

 

With this setup, when I start the AirVPN client, how would a VPN tunnel be created from the Mac to the IP address of a destination website thru the 2 WAN ports?  The reason why I am concerned about the tunnel is because, when I am doing p2p download thru a torrent, I would want both WAN connections protected thru VPN. 

 

I am perfectly aware that the bandwidth will always be limited by the single Internet connection thru the cable modem. My current contract gives me about 30Mbps down speed. I am also aware that my dual WAN setup is fundamentally different from a standard dual WAN setup in which 2 different connections to the Internet are made, eg, cable connection and LTE cellular connection.

 

Thanks to anyone who could help me with this.

[mage1982 15]

With this setup, when I start the AirVPN client, how would a VPN tunnel be created from the Mac to the IP address of a destination website thru the 2 WAN ports? The reason why I am concerned about the tunnel is because, when I am doing p2p download thru a torrent, I would want both WAN connections protected thru VPN.

I guess the short answer is that a VPN won't protect any connections to begin with. What it will do is encrypt the traffic that leaves the computer you run the client on (and Air's servers will decrypt it and forward it on).

 

 

Slightly more complex answer: What happens is that, first, you get an encrypted "virtual network cable" with Air at the other end; and second, traffic is rerouted to go through the virtual connection instead of the path it would normally take. (The "tun" network interface that is sometimes mentioned is the entrance into this virtual connection.)

 

You could also set things up so that some traffic goes through the virtual connection, and some does not. But that is not the default. By default, all traffic goes to Air, and Air becomes your gateway to the outside world.

 

 

So, if you run the client on your Mac, it doesn't really matter at all what is between it and Air. Wifi followed by one WAN port, two WAN ports, or a piece of string makes no difference.

 

Whether the encrypted traffic will go out on one or both ports I have no idea. But as for privacy it won't matter.

[nunz 5]

Thanks, mage1982, for taking the time to explain. 

 

My original idea was not really a productive idea start with.

A more sensible use of 2 public IPs may be to use one IP for my day-to-day work thru NAT (and VPN as needed) and use the other IP to run a web server, for example. 

 

Thanks again!