First Experience with VPN Router

Just yesterday, I hooked up my new Invizbox 2 router with router-level VPN service from Proton VPN. I don’t have any interests in either of those companies, except as a regular customer. But I did think to share that experience here because of the privacy issues and how easy everything is. If you buy the router from a link from the Proton site, that links to Invizbox, the router will cost $129.00, including shipping.

If you buy the router from a link from the Proton website, the router arrives configured to work with Proton VPN. I didn’t have to load any firmware or be any kind of router expert to make everything work. But there was a short learning curve to set everything up exactly the way I wanted it. The router settings are based on expressing common-sense answers to what you want as opposed to typing in a bunch of technical information that you may not understand.

I kept my Cox modem/router and plugged the Invizbex 2 in to the back of the Cox modem/router. Then I plugged my LAN ethernet cable in to the Invizbix 2 router. I experimented with unencrypted (in the clear) internet, with TOR, and with VPN through the Invizbox 2 router. All three worked well. I checked a box to block advertising on all three networks. Based on how I use the internet, I settled on keeping the unencrypted service for the hardwired LAN, and as one hotspot. That’ll keep my employer’s work VPN to my company laptop working. My Linux box gets access to the VPN network. More accurately, the VPN network will get access to my Linux box (how I plan to use it). The other Invizbox 2 hotspot is an encrypted VPN hotspot. Then I also kept the original Cox modem/router hotspot that I had to begin with. I am getting over 600 Mbps WIFI with the Cox router. The Invizbox 2 router is rated at a max of 100 Mbps and is actually getting 65 Mbps when encrypted. Before I tried out the VPN, I used the Cox Contour app to open up ports 443 and 1194 on the cox router, specifying to give only the Invizbox 2 router this access, just to increase the chances that the VPN would work. I don’t know if that helped or not.

Everything works. I plan to set up a lot of new network features going forward now. It’s nice having no ads. I have three hotspots, one of which is encrypted VPN. The first time I an had opportunity to need the VPN access was this morning. I am helping a friend in Australia to get started in Amateur radio. All I wanted was to look at the spectrum band plan in Australia. Everything that came up from my searches was American-centric, and included everything except the actual Australian band plan. It got pretty frusterating, pretty quickly. So I quickly switched the VPN to a portal in Perth Australia. After that, all search results were Australian-centric, including the first result having exactly what I was looking for.


I first tried my Proton VPN login and password to configure VPN credentials in the Invizbox 2 router. That doesn’t work. When you login to your Proton account, you can find something called IKEv2. There is an IKEv2 login and password found there that you need to use in the router settings. Both the user name and password is a long string of random (appearing) letters and numbers. Both have to be copied perfectly. Until you later merge networks, your router is initially on its own network with no internet access. So you can’t copy and paste these long strings from your ProtonVPN account found on the internet, in to your routers private network. You have to type them in, one character at a time.

Also, if you have a free or “Mail Plus” account with Proton, you have to use the “Free” selection to set up the VPN in the router. I had a “Mail Plus” account and selected “Mail Plus” in the router settings. That doesn’t work. When I changed the setting to “Free” that caused the VPN to connect and work. Later that day, I upgraded my Proton account to the highest level ($9.95/month) and then upgraded that setting in the router from free to paid, and that worked and gave me access to around 3000 different VPN servers world wide.

So if you’re wanting to get a VPN router, this appears to be an easy way. But give yourself all day to get everything set up and tested. The two challenges above (as simple as they were) consumed about eight hours of my time to figure out. Cox cable totally supports your use of VPN routers on their network. But you have to know what you’re talking about if you want their help troubleshooting. When I asked if ports 443 and 1194 were blocked by Cox, the lower level tech support person accused me of doing “something nafarious”. A higher level tech support person responded to the same question by telling me the name of the app in the Android Play Store that I could use to unblock any ports I wanted to unblock.

My next plan is to log in to my home Linux box from my Librem 5 using the new VPN. If that works, I’ll configure the display on my home Linux box to match the dimentions of the Librem 5 display. Then see if when logged in to the home Linux box from my Librem 5, if I can set the PC display back to the Librem 5. That’s all standard Linux stuff. It should just work. If that does work, I’ll be able to use the full power of a desktop PC to run programs from the Librem 5. As long as there is an internet connection then, the Librem 5 will have super powers, not even found on some lower end PCs.


Good work! Experimental progress is the way to go in the Linux world. As far as expanding the L5 most definitely. The L5 is pretty powerful!

With my experiments on phone imaging and restoration and just recently cloning to another L5 have been successful. Also using the phones 4g network as an access point for my Asus Sabai openvpn router via ethernet connection.
( How to Enable Hotspot and Tethering in PureOS on Your Librem 5 – Purism )

Anyway good luck and have fun!

1 Like

Could you please explain why you cannot connect your employer laptop (with employer VPN) to the Proton VPN hotspot? This is what I was hoping to do. Not possible?

1 Like

Its the best out there, maybe the only VPN router really.

1 Like

I am guessing that my employer’s VPN servers or Duo Mobile needs to see the path from the laptop that they issued to me, all the way in to their own servers. As a security measure, they probably don’t want to be blocked anywhere in-between. If I disappear from my home gateway twenty miles from their servers and show up next in Australia with no tracable hops in-between, they know they’ve been blocked somewhere in-between and they can not be sure that it is even me at that point. My VPN might even obscure my home gateway location, meaning that It really doesn’t look like it’s me. You’ll see that some banking connections don’t like being blocked either. In these cases, I don’t mind because the interests of my bank and of my employer are aligned with my interests. And they also have their own encryption. I have never actually tried to use my own VPN to come in over my employer’s VPN servers. But I am pretty sure it wouldn’t work. If I were them, I would block that kind of activity.

1 Like

ThinkPenguin have a few with RYF certification:

They also have their own PenguinVPN: