Monkey_Demon
Explorer
- Joined
- Nov 11, 2016
- Messages
- 85
On another thread, "Hot, Warm, and Cold Spares once again," PhiloEpisteme offers excellent advice about setting up a "warm" spare drive. As you can see if you review the thread, the one unresolved issue is how to set things up to activate the warm spare by accessing FreeNAS's GUI.
Philo's advice concludes with this suggestion: "You can run a VPN on your home network and give yourself access that way. I'm not an expert in this area so perhaps you might post another thread or search around for the best way to do this."
This is what I'm doing here. I thought I understood this stuff, but looking into this I realize I don't. Can you help?
My signature documents my FreeNAS system, and I am working on configuring TLS security but have not gotten there yet. My router is a Linksys WRT1900ACS, which can run an OpenVPN server but currently doesn't. Generally, when I'm at remote locations I run commercial VPN software (e.g. NordVPN, IPVanish, etc.) and always thought this was sufficient. But apparently it's not because this is not the same as running a VPN on my home network.
On this forum there is a host of posts about VPN's, but none that I've read clearly address this issue (using commercial VPN vs running on at home), and some warn against doing this (e.g., see NASbox's comment on this thread: "VPN and FreeNAS").
So here are some specific questions:
* Either upgrading my router or just installing something like DD-WRT are on my someday/maybe list, but right now getting this FreeNAS server up to speed is about all I can handle. Even purchasing a different router and configuring it would take up extra time I don't have right now.
Philo's advice concludes with this suggestion: "You can run a VPN on your home network and give yourself access that way. I'm not an expert in this area so perhaps you might post another thread or search around for the best way to do this."
This is what I'm doing here. I thought I understood this stuff, but looking into this I realize I don't. Can you help?
My signature documents my FreeNAS system, and I am working on configuring TLS security but have not gotten there yet. My router is a Linksys WRT1900ACS, which can run an OpenVPN server but currently doesn't. Generally, when I'm at remote locations I run commercial VPN software (e.g. NordVPN, IPVanish, etc.) and always thought this was sufficient. But apparently it's not because this is not the same as running a VPN on my home network.
On this forum there is a host of posts about VPN's, but none that I've read clearly address this issue (using commercial VPN vs running on at home), and some warn against doing this (e.g., see NASbox's comment on this thread: "VPN and FreeNAS").
So here are some specific questions:
- Philo also said, "You should probably use a vpn of some sort to get access to your home network while away. It is a bad idea to expose FreeNAS GUI to the web, it wasn't intended for that." Besides the obvious connectivity exposure, why is the FreeNAS GUI any different than, say, Plex which is designed to be exposed to the web?
- If a router has out-of-the-box security in the form of a firewall and the GUI is password protected, why should there be additional security for accessing the GUI? (I understand a VPN adds encryption, but doesn't the commercial VPN do this too?)
- From a security standpoint, what, if anything, is the difference between using a commercial VPN, like those mentioned above, versus running one locally?
- If running an OpenVPN server on a commercial router is inadequately secure, then what's the recommended solution?*
* Either upgrading my router or just installing something like DD-WRT are on my someday/maybe list, but right now getting this FreeNAS server up to speed is about all I can handle. Even purchasing a different router and configuring it would take up extra time I don't have right now.
