Reply

Teach me about VPNs

jesilvas
Follower

Teach me about VPNs

I can see already this has been discussed, and of course, I'm going to add to this.

Right now, we have the R7000 behind a Suddenlink cable modem. I followed all steps to configure a VPN using OpenVPN. Right now, only on Windows 8.1 x64.

But I'm not sure if I'm missing steps (port forwarding, DynDNS service?) or if this is even for us.

We have QuickBooks on a "server" (just a computer used for other business work) and then clients on the same network. I'd like to be able to be off the network (home, other locations) and get into the network so I can access various computers (documents, pictures), printers, and especially the QuickBooks server.

So I need some teaching. I've been doing reading, and understand MAC and IP addresses, how a VPN works, what ports are, but no deep understanding of the innards of networking. :help:
Message 1 of 5
wallyuwl
Aspirant

Re: Teach me about VPNs

I just got this router and am also unsure about VPNs.

I performed the instructions to set up a DDNS, and downloaded and installed openVPN.

What I don't know about is port forwarding. I know what it is, but don't know what I need to do to get it working with this router.

In other words, I don't know what I need to enter into the fields when I go to routerlogin.net and go to the port forwarding tab.

Do I use FTP or HTTP or VPN-PPTP? Or do I need to do a Custom Service? What do I put for the Server IP address (modem's?)?

I just want to be able to access my home internet from away from home instead of using unsecure networks at hotels, coffee shops, etc.

Thanks.
Message 2 of 5
fordem
Mentor

Re: Teach me about VPNs

wallyuwl wrote:
I just want to be able to access my home internet from away from home instead of using unsecure networks at hotels, coffee shops, etc. Thanks.
What do you hope to achieve by this? If you're going to use the internet from a hotel or coffee shop, there is no way to avoid using their "unsecure" network - you HAVE to connect to it to make a VPN connection and all the VPN connection is going to do is encrypt your traffic between your laptop and your home. What you're going to be doing is connecting your laptop to the unsecure network, establishing a VPN to your home, encrypting the traffic between the laptop and your home, and then decrypting the traffic at your home and sending it unencrypted across the internet to its destination. When the unencrypted traffic leaves your home it is going to be NO more or less secure than it would have been when it left your laptop in the hotel or coffee shop, if you were not using a VPN - "Joe Hacker" can intercept your unencrypted traffic at any point on the internet, encrypting it between your laptop in a hotel, and your home, and then sending it unencrypted across the internet provides no additional security. Unless your intent is to access files located on a computer in your home, there is very little to be gained by setting up a VPN connection to your home. Port forwarding should NOT be necessary to setup a VPN - it would only be required if you are using a VPN server on the inside of your router which would not be considered a best practice approach, it might also be required if you are running "daisy chained" routers, which is also not best practice.

Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Message 3 of 5
BeerDrinker
Aspirant

Re: Teach me about VPNs

This short write up the perfect answer to what you will be getting: http://www.privatewifi.com/hacking-at-36000-feet-the-ease-of-spying-on-the-person-in-seat-2b/
So what are people doing on the Internet at 36,000 feet? Well, it is not quite as titillating as other wifi sites we have investigated, in hotels, conventions, and parks. Most is pretty much the same as less-lofty environments: accessing Google Apps, checking Facebook, sending or receiving Tweets, etc. A lot of people were relaxing, reading People online, accessing ESPN, or on a Disney site. One was shopping for SCUBA equipment and another was looking for a home-builder. One person was accessing a site called Gravity.com, which provides content personalized to each individuals’ interests. I wondered what those might be, but did not pursue it further. Others, of course, were more focused on their job. It seemed to be a very marketing-oriented group, as several were accessing various tools for analyzing visitors to websites. One of these tools, ironically, brags that they are rated “50 out of 50” for “privacy,” including a top-rating of 20 for “anonymity.” (Both hackers and marketing types are becoming equally adept at de-anonymizing network traffic, so I took that with a rather large grain of salt.) Finally, I saw someone ordering flowers from FTD.com. It made me wonder whether he was sending them to the woman who he had just left, or the one that he was about to visit!
The 36,000 feet statements apply equally as well to coffeshops, hotels, etc.
Message 4 of 5
fordem
Mentor

Re: Teach me about VPNs

That article is nothing but sensationalism - yes - everything in it is probably true - and yes, I can watch you surf from your hotel room or in the coffee shop if you're not using a VPN. My point is that I can also do exactly the same thing from the house next door, or, since the original poster is using cable internet, any subscriber connection on that cable system, even if it's a few miles away - creating a VPN to your home in the hope of improving security is going to do nothing more than slow down your browsing. As I said before - even if you encrypt between your laptop & your home, when the traffic leaves your home to complete it's journey, it will be unencrypted and visible to anyone who cares to look - so you've built a VPN and encrypted the traffic between your laptop & your home, and you're in a hotel or on a plane - how much difference does it to someone sitting in the house across the street, intercepting the unencrypted traffic leaving your home? Answer this question - have you not just made it easier for him to surveille you - it that was his intent? Incidentally - I am willing to bet that the author of the article does not know whether that last person was actually ordering flowers or simply browsing the FTD site and here's why I say that - all reputable ecommerce sites encrypt their network traffic using https which means he could not see the actual traffic, all he needed to see to know what site the user was visiting was the destination address which cannot be encrypted. The ecommerce sites encrypt from your browser to their server - so even if you're in a hotel or a coffee shop, what you have is encrypted traffic flowing over an insecure WiFi network, over the insecure internet to the server - it is their encryption that provides the security - and by the way - this also works on an airplane - the guy ordering flowers (assuming it was a guy) was at greater risk from the passenger in the seat next to him "shoulder surfing" than he was from the electronic eavesdropper.

Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Message 5 of 5
Top Contributors
Discussion stats
  • 4 replies
  • 2545 views
  • 0 kudos
  • 4 in conversation
Announcements