Inbound VPN for home network

Posted on
Wed Aug 03, 2016 1:50 pm
FlyingDiver offline
Posts: 3436
Joined: Jun 07, 2014
Location: Southwest Florida, USA

Inbound VPN for home network

I'm thinking about setting up a VPN server so I can get directly into the home LAN when I'm away. Just not sure how best to proceed. Here's what I have in place now:

  1. Comcast internet with an Arris SB6183 modem
  2. Ubiquiti EdgeRouter Lite (3 port)
  3. Two older Ubiquiti APs
  4. Synology DS411
  5. Mac mini running Indigo, SecuritySpy, Plex, etc.
  6. Switches, etc.

I can run a VPN server in the router, the Synology, or the Mac (I think). If I run it in the router, it needs an external Radius server for authentication. The Synology can run the Radius server, or a VPN server. Or both. I'm assuming I can get a VPN server for the Mac. Or I could get OS X Server for it, which includes VPN.

What would you guys do? Or what do you do now? And do you know how to create profiles for my iOS devices with the VPN server config info, like I can get from my Internet VPN provider.

Thanks!

joe (aka FlyingDiver)
my plugins: http://forums.indigodomo.com/viewforum.php?f=177

Posted on
Wed Aug 03, 2016 2:06 pm
autolog offline
Posts: 2931
Joined: Sep 10, 2013
Location: West Sussex, UK [GMT+1]

Re: Inbound VPN for home network

I use OS X Server VPN running on the Mac Mini that runs Indigo. It works very well :)
I use iTouch via the VPN to access Indigo.

Posted on
Wed Aug 03, 2016 3:31 pm
Bollar offline
Posts: 520
Joined: Aug 11, 2013

Re: Inbound VPN for home network

I also use Mac OS X Server's VPN and recommend it.

Insteon / Z-Wave / Bryant Evolution Connex /Tesla / Roomba / Elk M1 / SiteSage / Enphase Enlighten / NOAA Alerts

Posted on
Wed Aug 03, 2016 3:54 pm
kw123 offline
User avatar
Posts: 6567
Joined: May 12, 2013
Location: Dallas, TX

Re: Inbound VPN for home network

You can set up vpn on the ubnt without radius. They do not recommend it but it works.



Sent from my iPhone using Tapatalk

Posted on
Wed Aug 03, 2016 4:13 pm
FlyingDiver offline
Posts: 3436
Joined: Jun 07, 2014
Location: Southwest Florida, USA

Re: Inbound VPN for home network

kw123 wrote:
You can set up vpn on the ubnt without radius. They do not recommend it but it works.


Yeah, not very secure is my understanding. Don't want to do that.

joe (aka FlyingDiver)
my plugins: http://forums.indigodomo.com/viewforum.php?f=177

Posted on
Wed Aug 03, 2016 4:59 pm
Asconasny offline
Posts: 156
Joined: Jan 16, 2015

Re: Inbound VPN for home network

I use openvpn on synology DS411j nas, work perfect.
Tunnelblick as client, very easy setup.
Install tunnelblick on mac
Make a openvpn account on NAS, download config/certificate, open it in a text editor, Edit your external IP address, save. click it and tunnelblick installs it.
And openvpn connect app on iPhone.

And of course forward port 1194 on router/firewall NAS ip internal address

asconasny

Posted on
Wed Mar 29, 2017 6:55 am
Different Computers offline
User avatar
Posts: 1906
Joined: Jan 02, 2016
Location: East Coast

Re: Inbound VPN for home network

With the GOP selling our internet history down the river yesterday, I expect this thread may get a lot busier. While I'm not super worried about my crappy ISP monitoring my port 8176 traffic, I'm quite concerned about ad injection and browsing history matched to demographics.

Wish I had a better way to encrypt all my outgoing traffic. With a max real world upload of 0.6 Mbps, even slight performance hits on speed are highly problematic.

SmartThings refugee, so happy to be on Indigo. 10.13.6 on an i5 MBP w/Harmony Hub, Hue, DomoPad, Dynamic URL, Device Extensions, HomeKit Bridge, MatplotLib, Plex, uniFAP, Wunderground, Nanoleaf, LED Simple Effects, Airfoil Pro, Grafana.

Posted on
Wed Mar 29, 2017 7:14 pm
kw123 offline
User avatar
Posts: 6567
Joined: May 12, 2013
Location: Dallas, TX

Re: Inbound VPN for home network

with the latest dev on privacy I am really temped to go with all traffic through a VPN in the USA..

any advice on which vendor works well?

thanks

Karl

Posted on
Wed Mar 29, 2017 8:26 pm
roussell offline
User avatar
Posts: 1105
Joined: Aug 18, 2008
Location: Alabama

Re: Inbound VPN for home network

I've been researching this as well, a lot of people (including my company's CISO) have recommended PureVPN. Their pricing and features look good, but I haven't made a decision yet.

Terry


Sent from my iPhone using Tapatalk

Posted on
Wed Mar 29, 2017 9:17 pm
RogueProeliator offline
User avatar
Posts: 2243
Joined: Nov 13, 2012
Location: Baton Rouge, LA

Re: Inbound VPN for home network

I assume that you guys are thinking of setting up your router with the VPN information so that all network traffic goes through it... I would consider that except perhaps would want to make an exception for a handful of things - such as the Xbox. I'll just go ahead and assume that Mr. Terry will be able to help me setup the proper routing tables or whatever to get that configured as such.

When I listen to the network guys talk their talk I understand what the general population hears when software developers are talking amongst themselves.

Posted on
Wed Mar 29, 2017 9:53 pm
kw123 offline
User avatar
Posts: 6567
Joined: May 12, 2013
Location: Dallas, TX

Re: Inbound VPN for home network

Yes that's the plan


Has anyone setup a UniFi router and could share how to set it up?


Sent from my iPhone using Tapatalk

Posted on
Thu Mar 30, 2017 1:04 am
PeteVis offline
Posts: 162
Joined: Jun 19, 2015

Re: Inbound VPN for home network

For outbound VPN, this is a good site to research :
https://privacytoolsio.github.io/privacytools.io/

I have been using Windscribe VPN for a few months now and I am happy with the speeds I am getting. I purchased a lifetime pro account for $50 (one time fee).
check out https://store.digg.com, they always have promotions like this.

I understand that promotions like these might impact the quality of their service, but just trying out a VPN service for a few months easily costs the same amount. So I look at it that my lifetime account is just a trial. When their service becomes too congested in the future, or they go bankrupt, I can still switch to another provider (or buy another promo)...

Posted on
Thu Mar 30, 2017 7:12 am
roussell offline
User avatar
Posts: 1105
Joined: Aug 18, 2008
Location: Alabama

Re: Inbound VPN for home network

RogueProeliator wrote:
...I would consider that except perhaps would want to make an exception for a handful of things - such as the Xbox. I'll just go ahead and assume that Mr. Terry will be able to help me setup the proper routing tables or whatever to get that configured as such.


That's called "split tunneling" and both your router/firewall as well as your VPN provider will need to support it. Alternatively, you can just use a VPN client on each computer you want to protect, then you'd only need split tunneling support from the VPN provider if you wanted that computer to skip the VPN for some stuff. In that instance the Xbox would work as normal since you wouldn't have the VPN connection on it. I've noticed that several providers offer several logins per account to allow for multiple 'family' installs.

Terry


Sent from my iPhone using Tapatalk

Posted on
Thu Mar 30, 2017 9:35 am
Busta999 offline
User avatar
Posts: 627
Joined: Mar 30, 2016
Location: Wales UK

Re: Inbound VPN for home network

I've been using ExpressVPN for a year, excellent - works on iOS, android, windows, Mac, and many routers. I use for high volume video transfers, it is as fast as my broadband. I have had it working on multiple macs and iOS devices simultaneously while all on my Lan and all separated around the world. I can't recommend it high enough.
I pay the $99 pa and it just works really well.
Use this link and get 1 month free and it adds 1 month to mine
http://www.expressrefer.com/refer-a-fri ... _dashboard


Sent from my iPad using Tapatalk

Posted on
Thu Mar 30, 2017 3:33 pm
virgahyatt offline
Posts: 126
Joined: Jan 11, 2014

Re: Inbound VPN for home network

kw123 wrote:
Yes that's the plan


Has anyone setup a UniFi router and could share how to set it up?


Sent from my iPhone using Tapatalk


I have gone through it and the setup is pretty painless. But there is one rather big snag when using macs with it that I ran across Back To My Mac. Which uses some of the same ports as VPN and if uPnP is also enabled on the edge router it will prevent either one from working right. So make sure you turn it off on all the computers used in the house or disable uPnP. They have walkthroughs available that will take you setting it up and making sure the firewall rules are setup.

Who is online

Users browsing this forum: No registered users and 1 guest