VPN choices

Tags: #<Tag:0x00007fe066344920>

(Thomas Binder) #21

So, it’s always bidirectional? Then I must review my setup the next time I’m up there. I had the impression it was one-way only. If I can reach the client’s network from the server it’s the thing I’m looking for as the client isn’t reachable from the internet…

(Rich Koshak) #22

Yes, by default. OpenVPN is one of those services with a million settings so I’m certain it is possible to configure it so it is one way. And perhaps it is reasonable for some of the gateway/firewall wizards to configure it so that happens. But by default, normally it is bidirectional, though like I said, the IP address will be different.

(Thomas Binder) #23

That’s fine, I already configured two separate subnets.
Thanks again, I have to look into this!

(Rich Koshak) #24

Just to make sure, I connected my phone to my OpenVPN over the cellular network and was able to ping it using its OpenVPN IP address from a machine on my LAN. So I’m not just making things up. It is, or at least can be bidirectional.

I have a pfSense firewall and I run OpenVPN on it configured using the wizard and the client configs exported using an addon to pfSense created for that purpose.

Good luck!

(bouali mohamed) #25

What’s about Softether VPN, Anyone has been using this OpenVPN alternative, I 've tested it in windows a few days ago it’s fine, I’m not sure about Linux platform.
Reviews, Thanks.

(Alex Forrow) #27

Bit late to the conversation, but I’m using ZeroTier (https://www.zerotier.com/) and it’s been faultless.

You just install and start a daemon on all your hosts, then join them to your network on the ZeroTier web UI (ZeroTier Central).

What you get is a secured VPN network between all your hosts. Assuming each host has Internet access and the daemon is running (mine all start on boot), your other hosts will be accessible. Absolutely hassle free.

It uses efficient routing so two node on the same physical network route directly, whereas my laptop on some WiFi connection elsewhere will route (encrypted) via their servers.

They support both IPv4 and IPv6 and appear to have an android app, though I haven’t used it.

Have I sold it enough? :smiley:

(Rich Koshak) #28

Phones? Mac and Linux support?

(Alex Forrow) #29

I use it on two raspbian nodes and my Arch Linux laptop with no issues.

They have Android and iOS apps with good reviews, and Windows and Mac apps, but I can’t verify those.

(Klim Bim) #30

Hi all, quite an old thread, but would anyone have strong reasons against installing http://www.pivpn.io on the same Raspberry Pi as openhab?

Thanks a lot!

(Lucky) #31

What router do you have? Back in the days (hey I’m only 34 lol) I had to run my own VPN server but with new routers, most of the modern ones come equipped with a VPN solution.

(Matthias Dohr) #32

I do it like this on a fritzbox. AVM has it´s own free dyn-dns service called myfritz, so you dont have to pay one else or verify the account every few weeks.

Of course you only can use it if you use a fritzbox

On my smartphone i use vpncilla in a free-version and on my “company-laptop”(no idea if thats the word for Firmen-Laptop) also free-version of shrew. It works now for some years without any problems

(Jürgen Baginski) #33

I loved to use that one, however since changing to a faster internet-provider I can’t use it anymore. The company is providing an “DualStack Lite” connection (own IPv6 and IP4 adress only outgoing, incoming !Pv6 and for IP4 a shared adress). Sadly I’m using the same provider for my moblie, but for mobile connections this company does NOT use IPv6, so a connection via IPv6 only is not possible.
Still looking for a secure solution which enables to connect from my mobile to the home LAN.

(Lou Erickson) #34

I have a pfSense box from Netgate. It makes the setup really simple, although there is no reason you could not install the same software on your own hardware.

The pfsense box runs openvpn. I have openvpn clients for Windows, OSX, and Android. (No iOS here, so I don’t know how it works.) You start the vpn client on your device and it gets secure access to your LAN.

The latest Android can keep the VPN up all the time.

I access my OH via the phone browser from anywhere, easily. I can ssh in and do anything I need to.

Having VPN access to your home network is great.

(Lucky) #35

Same as my Asus router using the merlin firmware, but I guess even the official Asus firmware has openVpn by default. I’m connected to my home vpn basically 24/7