CHT wifi router - VPN compatible?

Does anyone know?

We’ve had amazon prime for years, but finally arsed ourselves to log it into the new TV. Everything is now “Rent or Buy!”

It’s two-step authentication. :grimacing: Anyhow, yeah, I am looking into nordvpn’s article on setting it up, but I had trouble identifying the make and model.

Looks like "Zhiyi Technology "


Has anyone attempted this with this model, and if not, can anyone recommend a model that works well over here, +vpn ready?

Thanks!

That is CHT’s mesh Wi-fi router. I don’t know if VPN can be configured on that, but there should be another CHT modem/router hiding in a junction box near your door. You can probably configure VPN on that one.

Thanks! I am looking to keep it strictly on the wifi. I like to turn off the vpn on my pc for gaming, it does appear to significantly affect speeds, ping, etc

If you set up the VPN at the modem side, you can have all wired and wifi deceived run on the same VPN.

This may be off-topic as I am not sure whether this applies, but I have a cautionary tale.

I tested an all-you-can eat phone SIM from CHT and placed this in a 4G router. My router did NOT receive a unique (dynamic or static) routable internet IP address. I received a private network address and my upstream router was also a private IP address. I was behind a NAT connection and I would not have been able to have somebody connect to my network over VPN directly. I would be able to use VPN out going of course.

I found this shocking.

You can use a VPN that supports port forwarding.

No in that case port forwarding would not help. Since the device(s) needing port-forwarding would belong to the ISP. To clarify, none of “my” devices received a public routable IP address.

VPN might still work if my devices were the active party (connection going out).

The Cht wifi router cannot be configured for anything. The technician was going to install it but when I asked about VPN, he said it won’t work.
I bought a preconfigured router to work with expressvpn.

2 Likes

Just to add, I think you need to use PPPOE rather than standard port forwarding on the second router if you want to access a server, but you can use standard port forwarding for things like torrents.

I mean a VPN company, not your own.

The internet works, then you can connect to VPN server. VPN server will give you a public routable IP address and you can add a few ports to port forwarding. Some even can give you a residential IP (not Taiwan, but a few countries are available) at cost.

Any brands that I can purchase from pc home, that you know of, or is Amazon the way to go?

I suggest asking Chunghwa to change your router to bridge mode and then buying an aftermarket router.

I’d check with your vpn provider for recommended routers. I bought a preconfigured router for expressvpn. ExpressVPN Linksys WRT3200ACM FlashRouter We watch shows that need an IP address in the US. It was expensive but all I had to do was plug it in and voila. Did I mention that hubby having access to his sports channels saved our marriage?

2 Likes

Now I know why our VPN was not working.

Yes you are right. VPN (dialing up to a VPN) would still work. I was thinking about enabling VPN on your home router to logon to your home remotely.

There were no CHT devices in my home. I was using 4G modem (my own) and LTE 4G SIM. Maybe you are right though, maybe they would change their configuration if I had bothered to ask them. I did not bother. I was disgusted and decided never to use CHT again.

Ah. Cell Internet is highly restricted with blocked ports.

If you want control, you need home broadband.

My point still stands, as long as the Internet works fast, one can bypass their NAT with a tunnel.

Solution 1:
VPN that has static IP’s and port forwarding. e.g. Static IPs - Windscribe

Let your router connect to VPN and port forward to a service (e.g. SSH inside private network)
Routers are usually slow, so a dedicated linux box is better for speed.

Solution 2 (DIY):
Have a Linux server in a data center. Make a wireguard tunnel from inside the private network (some routers support it) to data center server and route services as needed.

Solution 3 (DIY):

  • Domain on CloudFlare, basically DynDNS for the tunnel (cost 10$/year .com domain)
  • Cheap Linux box e.g. Raspberry Pi to run services and be used as private network exit point

Set up the Linux box to be secure, as it will be exposed to the internet through tunnel. Block ports, use ssh with key file only.

Use cloudflared to make a tunnel to cloudflare and assign it to a subdomain.

This shows it for a web server, but you can run any service. I would only expose ssh server and tunnel everything through it.

https://blog.cloudflare.com/tunnel-for-everyone/

Solution 4:
Hamachi, builds hassle free a virtual network over internet. Haven’t used that in decades.

https://www.vpn.net/#features

1 Like

Did you order this from the US? I have Express VPN, was thinking of buying a compatible router like Asus AC68U V3, which is sold here, and installing Express VPN’s firmware app. Website says you can also use Open VPN with a larger number of routers.

I heard somewhere Taiwan doesn’t like us to import routers from outside the country?

It was a major pain to import. If you have the skill to update it yourself, this is cheaper too.