In theory that would hide your IP from the VPN provider and the websites you’re visiting from your VPS provider, achieving the same protection that iCloud or Invisv might provide.
I think this could be particularly useful for mobile users whose native IP/location is always changing… I dunno, this is just a 5-minute thought I haven’t fully fleshed out yet, interested to know if anyone has feedback or might theoretically be interested in such a setup guide.
Yes sure, I once had a similar idea because i wanted to do some access controls for my family cloud but nowadays just use Zero Trust architecture for this.
At first I thought it would be useless. But if you put yourself on other perspectives:
VPN only sees the VPS provider and site you are visiting.
VPS provider only sees your IP and the VPN.
The contents of both traffic should be opaque to each other and should provide plausible deniability of sorts.
You are of course, not in any way anonymous. But you never were anonymous with VPNs.
If anything, it should add a lot of paperworks and hopefully lawful request of your data between governments would be bogged down and lost in bureaucracy. Just make sure the VPN and VPS providers are in different enough jurisdictions (not part of “Five Eyes”, etc).
I’m kind of against this from a complexity perspective. VPN services and iCloud Private Relay are pretty much 0 hassle, whereas this solution would require you to maintain your VPS server, not mess up the configuration, etc not to mention the extra cost of paying for a VPN and a VPS. It just seems to make a lot more sense to me to get a multi hop VPN or use Tor, systems that are already set up for you to use and require minimal configuration, maintenance, and hassle. Not really sure that the benefits outweigh the drawbacks in this case.
I realize this thread is more than a year old, but I did run a similar setup a while back to get past poor ISP peering to my VPN provider’s servers.
My scenario was;
Undersea cable fault near my waters and my country had a stupid maritime cabotage policy that caused delayed repairs.
I’m not an expert with how (1) works, but all I know is it resulted in abysmal peering from my home connection to my VPN provider’s closest servers*, with high latency and >10% packet loss at certain times of the day.
Found out via local forums that my particular ISP had private peering agreements with some hosting providers located in a country close to mine which bypassed the congested peering hops.
Spun up a WireGuard VPN (used the Algo script, which was popular at the time) on a rented VPS instance from one of those hosting providers, put the resulting config on my router and dedicated it to a wifi SSID.
Connected my device(s) to that SSID and then connected to my VPN provider’s server via their official app(s) on my device(s).
Performance was great. Only downside is that most rented VPS instances are metered, so you will have to monitor your bandwidth.
Reason I necromanced this discussion is because the peering problem is back again for me and am considering doing the same thing. Checked here first to see if there were other alternatives, and found this thread, so added my 2 cents.
*I envy you US and EU folk who seem to have a buffet of VPN nodes for Mullvad and IVPN in your region. Where I am, I only have a couple that give me <50ms and a couple more with <100ms, and the aforementioned undersea cable faults that occur regularly here (Ring of Fire) usually affect all of them. Grrr…
I think you don’t really need a VPS to achieve this. For example, on a PC you can use a system VPN + a browser VPN or a system VPN + a proxy. You can also set up a router VPN.