VPN Primer for Noobs

themow · Oct 8, 2017

After another half a day working on this I can say without a doubt, this is not as easy as opening ports. Not on a Tomato router atleast. I have been generating files and trying to get this going and I am not getting anywhere. One good guide or video would do the trick. Since this is not just for my security but the good of all the internet, someone should make a guide. If i figured it out, id make one!!

Im following this guide but trying to run the server from advanced tomato. Is this guide old?
HOWTO

Log
Options error: You must define CA file (--ca) or CA path (--capath)
Use --help for more information.

Ive defined them. 3 times. WTF!!!!!

looney2ns · Oct 8, 2017

Maybe this: How to setup OpenVPN on Tomato | NordVPN

themow · Oct 8, 2017

that is for vpn client. I am trying to setup vpn server

DavidDavid · Oct 9, 2017

Man. Good luck. I tried setting up a VPN using an old router I flashed DD-WRT onto and I never got it to work. I'm sure I did all the right things, at least I think... But it just wouldn't work. Ended up buying a PI and using PIVPN.

themow · Oct 9, 2017

Big thanks to RANDY!

I flashed merlin fimware onto my router and the setup was almost as easy as port forwarding.

Optimus Prime · Oct 10, 2017

In reading this threads, I've come across a mention that router based VPN is fine for sub 10MB connections. I've got home fiber connection with 75 up / 75 down, and we watch a lot of Netflix. Is there a consumer level router with built in VPN that can handle this workload?

Talos77 · Oct 10, 2017

Roman said:
Just an FYI, if you block all internet access under the "network map" for Asus routers it will block incoming connection from VPN as well...been there done that! So basically that is a no go if you plan on VPN'g back to see your cams.

I just discovered this on my RT-N66U. I blocked access to the internet for my 2 camera's and my hikvision NVR and then discovered when I tried to connect to the VPN from home that IVMS4500 couldn't see my camera's. I could connect to the web interface for my file server so i knew the VPN was connecting fine but was scratching my head about why i couldn't connect to the NVR...

Lucky i found your post.

So now I've unblocked the NVR and left the cameras blocked and can connect from ivms4500 from work now.

Is there any issue to not having the NVR blocked from the internet? Ive not got any active port forwards but is there something else i can change to stop it "phoning home" or broadcasting information? Just want to make sure that I'm as secure as i can be.

randytsuch · Oct 11, 2017

Optimus Prime said:
In reading this threads, I've come across a mention that router based VPN is fine for sub 10MB connections. I've got home fiber connection with 75 up / 75 down, and we watch a lot of Netflix. Is there a consumer level router with built in VPN that can handle this workload?

The VPN connection is used when you're away from home, and want to connect to your home network.

It won't affect watching netflix or anything else. We watch netflix with no problems. During the summer, have two teenage girls doing their thing, and we would watch netflix and no one complained about internet speeds. I have cable internet, think I measured around 40 up, but down is much slower.

MrRalphMan · Oct 12, 2017

Talos77 said:
I just discovered this on my RT-N66U. I blocked access to the internet for my 2 camera's and my hikvision NVR and then discovered when I tried to connect to the VPN from home that IVMS4500 couldn't see my camera's. I could connect to the web interface for my file server so i knew the VPN was connecting fine but was scratching my head about why i couldn't connect to the NVR...

Lucky i found your post.

So now I've unblocked the NVR and left the cameras blocked and can connect from ivms4500 from work now.

Is there any issue to not having the NVR blocked from the internet? Ive not got any active port forwards but is there something else i can change to stop it "phoning home" or broadcasting information? Just want to make sure that I'm as secure as i can be.

In my Cisco router, I can use parental controls to block the NVR or Cameras from calling out to the internet. It's not perfect, but better then nothing.

GKL · Oct 24, 2017

I'm getting a business class router that has VPN already built in, so is that enough by itself or do you still have to use something like OpenVPN ?

fenderman · Oct 24, 2017

GKL said:
I'm getting a business class router that has VPN already built in, so is that enough by itself or do you still have to use something like OpenVPN ?

That is sufficient...make sure to keep it updated..

GKL · Oct 24, 2017

fenderman said:
That is sufficient...make sure to keep it updated..

Thanks for the quick reply, it is appreciated, while I'm somewhat tech savvy to a degree, IP security cameras and VPN is a new area for me and there is so much info to sort thru to see what I really need and don't need.

So that is good news that the business class router with built in VPN is good by itself without using OpenVPN.

The router I'm getting

fenderman · Oct 24, 2017

GKL said:
Thanks for the quick reply, it is appreciated, while I'm somewhat tech savvy to a degree, IP security cameras and VPN is a new area for me and there is so much info to sort thru to see what I really need and don't need.

So that is good news that the business class router with built in VPN is good by itself without using OpenVPN.

The router I'm getting

I think you forgot to post the model number..

GKL · Oct 24, 2017

fenderman said:
I think you forgot to post the model number..

Cisco RV110W Wireless-N VPN Firewall router
RV110W-A-NA-K9

GKL · Oct 24, 2017

fenderman said:
I think you forgot to post the model number..

Sorry, don't know why it didn't post everything I typed the first time in the original post.

Cisco RV110W Wireless-N VPN Firewall router
RV110W-A-NA-K9

fenderman · Oct 24, 2017

GKL said:
Sorry, don't know why it didn't post everything I typed the first time in the original post.

Cisco RV110W Wireless-N VPN Firewall router
RV110W-A-NA-K9

as far as it being secure you should be fine until 2022, that is when support for that model ends..it is an older unit first on sale in 2011...see here Cisco RV110W Wireless-N VPN Firewall
My concern would be with this spec - VPN throughput (IPSec): 5 Mbps, its pretty low, but should work ok...just understand that you will not be getting the full upload speed you are paying for (if yours is faster than that)...

GKL · Oct 25, 2017

fenderman said:
as far as it being secure you should be fine until 2022, that is when support for that model ends..it is an older unit first on sale in 2011...see here Cisco RV110W Wireless-N VPN Firewall
My concern would be with this spec - VPN throughput (IPSec): 5 Mbps, its pretty low, but should work ok...just understand that you will not be getting the full upload speed you are paying for (if yours is faster than that)...

Thanks for the info, I'd likely be upgrading again before 2022, is the 5 Mbps upload ? If so, that's fine as our upload is about 2 Mbps (download is 12 Mbps)

it also says NAT throughput: 90 Mbps ....is that the download limit ? If so I'm

GKL · Oct 25, 2017

for some reason it keeps cutting off the ends of my posts, here is the rest of what I had typed -

It also says NAT throughput: 90 Mbps ....is that the download limit ? If so I'm definitely under that !

Cisco RV110W Wireless-N VPN Firewall

fenderman · Oct 25, 2017

GKL said:
for some reason it keeps cutting off the ends of my posts, here is the rest of what I had typed -

It also says NAT throughput: 90 Mbps ....is that the download limit ? If so I'm definitely under that !

Cisco RV110W Wireless-N VPN Firewall

That would affect your download speeds when you are on the local network....when using vpn remotely, you would be limited to 5...up and down...
You should be fine, note that due to the units age you should not be paying more that 50-60 dollars for it..newer modern vpn routers can be had for 200...
also note that the router is 10/100 and not gigabit, this may not be an issue for you...

GKL · Oct 25, 2017

fenderman said:
That would affect your download speeds when you are on the local network....when using vpn remotely, you would be limited to 5...up and down...
You should be fine, note that due to the units age you should not be paying more that 50-60 dollars for it..newer modern vpn routers can be had for 200...
also note that the router is 10/100 and not gigabit, this may not be an issue for you...

Usually the only time we'd be using it remotely is when we might occasionally view our security camera on our smartphones when away from our home WIFI. I'm on a budget and needed to keep the price down, (especially after paying for the camera) but it only cost $47.95 on Amazon, no way I could pay $200 for a router right now, the router we are switching from is an old non-VPN Linksys E1000 and it's still working great even for HD streaming video, if it wasn't for needing VPN for the security camera we'd keep using it, so I guess the Cisco RV110W should work at least as good if not better than the E1000 as far as the LAN WIFI, right ?

VPN Primer for Noobs

What VPN Solution are you using?

OpenVPN

IPSec/L2TP

on an OEM Asus Router

on a WRT flashed Router

on a pfSense Router

on my PC NVR (BlueIris, Milestone, etc)

on a dedicated device (Raspbery Pi, VPN Concentrator, etc)

ssh tunnels are the only way to roll

on my NAS (Synology, FreeNAS, etc)

on a OEM Netgear Router

Young grasshopper

Young grasshopper

Getting comfortable

Young grasshopper

Getting the hang of it

n3wb

Pulling my weight

Getting the hang of it

Getting the hang of it

Getting the hang of it

Getting the hang of it

Getting the hang of it

Getting the hang of it

Getting the hang of it

Getting the hang of it