keat Posted November 16, 2018 Share Posted November 16, 2018 Can anyone recommend a good (open source) vpn software ? I'm looking to gain access to my work lan from home. Link to comment Share on other sites More sharing options...
Noodleman Posted November 16, 2018 Share Posted November 16, 2018 PIA, but not open source, but if you have a VPS just setup a proxy using Squid. I do this to get a static IP for some services Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 In almost 20 years in IT, i've never touched a VPN, and now I'm being asked to set something up. I've no idea where to start. Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 Noodleman Have you used PIA ? is it safe and legitimate Link to comment Share on other sites More sharing options...
Noodleman Posted November 16, 2018 Share Posted November 16, 2018 23 minutes ago, keat said: Noodleman Have you used PIA ? is it safe and legitimate it is, I use their app on my phone, My home firewall uses it and I set it up via a kill switch, IE if VPN is down, don't go online. Sometimes their endpoints can be a little flaky, but better than most. It may be overkill for what you need, but it's doable. I'm super paranoid and like my tin foil hat and take my network privacy seriously. I've even got ad blocking setup at the network level. You will find some services will block you, for example some banks block the PIA network block because it allows anonymity, meaning some people who want to malicious can use the service. So, most online banking places block PIA etc. If you can live with that, or put in a work around then you'll all good. PfSense + PIA works well, especially when tweaked for your own needs It depends what your actual requirements are. PfSense server in your home LAN, sat behind your router with some funky natting should do what you want. can run it on low end hardware if it's just for you. Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 I have an old watchguard firewall with pfsense installed, but I don't have the next 3 months to try and figure out how to get it to work. I've signed up to a month on PIA, to see if it will do what I want, just waiting for the credentials to arrive. Link to comment Share on other sites More sharing options...
Noodleman Posted November 16, 2018 Share Posted November 16, 2018 PIA is a privacy network, meaning it's masking your endpoint to the internet. if you want a "site to site" VPN, then you'll want an endpoint in your own network. Settiing up a VPN is quite easy in PfSense. https://www.sparklabs.com/support/kb/article/setting-up-an-openvpn-server-with-pfsense-and-viscosity/ Any VPN client shold work assuming it supports your server config. "open VPN" covers most stuff. Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 I'm baffled. I installed openVPN on my PC and Server and am connected via PIA going out via 2 different ISP's to simulate being at home. However, both VPN's have different IP subnets, so I'm never going to see my server from my PC. Link to comment Share on other sites More sharing options...
Noodleman Posted November 16, 2018 Share Posted November 16, 2018 just add a route Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 I added a route to my PC, so now when I try to ping my server, I can see the response trying to go via the VPN. But how do I add the opposite route to the server without it affecting anything going on internally ? Link to comment Share on other sites More sharing options...
Noodleman Posted November 16, 2018 Share Posted November 16, 2018 How did you set it up on your LAN? If your server is the endpoint, it should already have the route in it's table. remove PIA from this mix, it's not required as that's more for personal privacy rather than S2S Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 I've never setup a VPN, we've always used TeamViewer. I once tried via Windows Server Gui, but i could never get it to work. I'm struggling to get my head around it all. Link to comment Share on other sites More sharing options...
Noodleman Posted November 16, 2018 Share Posted November 16, 2018 at it's core it's just basic networking. Think of it like dial-up. you dial into your network. your device makes a call to the end point (VPN server) which answers, authenticates you etc. Once connected it builds a "secure tunnel", between it and your device. All traffic between you and the end point goes over that secure tunnel. You'll want different IP ranges / subnets on the two networks otherwise it won't route properly. Link to comment Share on other sites More sharing options...
keat Posted November 16, 2018 Author Share Posted November 16, 2018 i'll have another play over the weekend. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.