I decided I want a secure encrypted tunnel when connecting to different web sites and for downloading email (I'm using Thunderbird). My goal is to protect all data to and from each web site from being looked at from my ISP provider and any snoops while on the internet. So I setup my own VPN using OpenVPN on my router. My question is, is everything on my LAN (All devices connecting to the internet in my home) encrypted using the settings below or is there an extra step? I did setup DDNS prior to setting up and activating OpenVPN on my router. I'm assumming I don't need a client (OpenVPN client) to connect to the router VPN unless I'm outside the network (away from home).
Running a VPN server on your own router will not help in achieving that goal, since all traffic leaves your router unencrypted. For your goal you would need to run a VPN client (on the router or on individual devices) using a commercial VPN service or your own VPN server on a VPS.
Ahhhhh ok. That makes sense. Just the answer I was looking for. I'm thinking that https might be enough encryption for accesssing sites on the internet. Thunderbird is set up with TLS/SSL encryption so I'm probably covered there and the weakest link being DNS, I have covered by using Control D DNS-over-TLS (DOT) which encrypts my DNS. Anyway, I do thank you for the reply. At least I now have a better understanding of setting up OpenVPN as a server on the router for outside the LAN encrypted connections and using a VPS for VPN to connect within my LAN.
