Question for the network guru's. My Asus RT-AC1900P appears to have died. It was setup behind an AT&T Modem so that I could use the VPN functionality of the RT-AC1900P. I also have a Synology DS218+ that has a built-in VPN Server. Part of the setup on the Synology requires that I forward a port on my AT&T Modem to the Synology, is this deemed safe or should I replace my Asus router?
VPN Synology NAS vs. Asus RT-AC1900P
- Thread starter upstech76
- Start date
mat200
IPCT Contributor
- Joined
- Jan 17, 2017
- Messages
- 13,892
- Reaction score
- 23,182
fenderman
Staff member
- Joined
- Mar 9, 2014
- Messages
- 36,901
- Reaction score
- 21,269
It is safe.
Mike A.
Known around here
- Joined
- May 6, 2017
- Messages
- 3,828
- Reaction score
- 6,385
If it were a case where you had the Asus upfront of everything else, then I'd say replace it. But behind the AT&T modem/router (which I don't think is a true bridge) doesn't make much difference in that case.
Before you expose anything directly you should make sure that it's been updated for known vulnerabilities.
Synology : Security vulnerabilities
Same would apply to the Asus. It's had issues of its own.
Don't know whether there's any significant performance advantage to one or the other. Looking quickly I do see some complaints about the Synology VPN being slow but didn't dig in to see if that's user error, config, whatever. Might take a deeper look. Also check the client setup to make sure that works well on whatever you'd be using to access it. I'd assume that Synology is good as far as common things go but never know what and what versions, etc., somebody might be using.
Before you expose anything directly you should make sure that it's been updated for known vulnerabilities.
Synology : Security vulnerabilities
Same would apply to the Asus. It's had issues of its own.
Don't know whether there's any significant performance advantage to one or the other. Looking quickly I do see some complaints about the Synology VPN being slow but didn't dig in to see if that's user error, config, whatever. Might take a deeper look. Also check the client setup to make sure that works well on whatever you'd be using to access it. I'd assume that Synology is good as far as common things go but never know what and what versions, etc., somebody might be using.
catcamstar
Known around here
- Joined
- Jan 28, 2018
- Messages
- 1,659
- Reaction score
- 1,193
I personally wouldn't accept to have "internet inbound connections" (even limited to the OpenVPN port) on a device which host all my precious private stuff. My NAS is behind 2 firewalls and within a proper vlan on its own.
Mike A.
Known around here
- Joined
- May 6, 2017
- Messages
- 3,828
- Reaction score
- 6,385
That's a good point.
So this is AT&T DSL? Because with a cable modem running VPN on a router is easy. I have also run VPN on a Synology NAS, but I too was not completely comfortable that I had all the correct firewall rules. I'm more comfortable with VPN on the router.
Yes, AT&T Uverse is the provider. I have to setup DMZ Mode and point it at the Asus router to make it work. Considering switching to Comcast to make life easier!
Comcast is simple as long as you buy your own comcast approved cable modem. In practice then you have an unchanging IP and a simple, always on ethernet connection that doesn't even require a login.
If you decide to use their cable modem and turn wifi off they will periodically turn wifi back on to use your service for public xfinity wireless access. They suck as a company, so keeping their hardware out of the house is a good practice. Also changing DNS will help keep them from selling your web browsing activity to third parties.
So after much tinkering with the network, I have confirmed that the Asus Router WAN port has died but also found that you can turn one of the LAN ports into a failover WAN. Got everything reconfigured and back going as it should be. Guess I'll buy another router at some point so that I can send this one in for warranty repair. Appreciate the advice from everyone on this thread. Does anyone have experience with the Asus warranty service?