back doors to routers and modems

Pick your favorite tech blog and router/modem back doors are the topic du jour.

Question: If I set up OpenVPN on DD-WRT and run my DSL modem DMZing to the router, is that secure? Or do I need to set up a VPN on every computer?

I guess an auxiliary question is: can you really trust the modem to be in DMZ mode? That is, the NSA or other hackers could hack the modem and put it in any mode they want.

Then as a follow-up, I suppose the NSA or other hackers could use some virus to undo your VPN on your computers. That was why I was thinking it is best to let the DD-WRT handle the VPN. It is in a harder-to-reach place.

For bonus points: strongSwan or OpenVPN? I think you can make DD-WRT do strongSwan.

miso

strongSwan, like any IPsec solution, can be complex to set up and a real pain if you have a dynamic IP address at (at least) one end of the connection. If the tunnel collapses it has to be rebuilt. OpenVPN, in its default UDP mode, can transparently resume across changing IP addresses. IMO it's also much easier to configure a simple connection, whether road warrior to net, or net to net.

Having had to use both, I definitely have a preference.

Chris

Chris Davies

I have a static IP at home, actually two static IPs. PureVPN seems to cover the most methods. Also it can handle 5 different sources, though if you use your router, it seems to me you just need one there and one for your phone.

They show a DD-WRT for PPTP, but that apparently isn't considered secure these days. Also this is in their FAQ:

*********** Q: Can I connect to Purevpn with multiple computers at the same time?

Each Purevpn account can only be used for one concurrent connection, but you can of course buy additional accounts at any time. Please note that some routers/firewalls have troubles handling multiple VPN connections to the same destination. In such a case you may ask for a trial account to test along with your normal account to conclude if additional vpn accounts can or can not be handled by the router/firewall.

**********

Then there is the issue of data caps. The trouble with the PureVPN website is it is poorly maintained regarding pricing. There are "specials", but you don't know how long they last, yada yada yada.

Some people are getting Amazon AWS accounts and rolling their own services. I pay for web hosting, so I could consolidate everything into an AWS account. As it stands now, my hosting is on AWS through a 3rd party. I'm assuming I have no shell access, or I could hack a bit and at least proxy through the hosting company.

miso
