Suggestions for VPN server setup for home

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
T

thecoffeeguy

Member
Mar 10, 2016
119
1
18
48
Greetings folks.

Per the subject line, I am in need of setting up a VPN to reach my home lab network while on the road. I travel a lot for work and my home lab has grown to be a very efficient resource that i need to access while traveling. My laptop is just not cutting it anymore so I am in need something more robust.

First, my layout:

Cable internet (90down/15up, double checking)
Ubiquiti edgerouter X
24 port cisco switch
(2) ESXi servers, total of 12 NIC's with VLANs setup and a few other goodies.

My initial thought was openVPN server. I thought about adding a OpenVPN server as a VM to one of my ESXi boxes, but i thought it may be better to dedicate it's own box. Building on that if i decide to go that route, i would like to maybe get a really small form factor (something like a shuttle case or similar) that is just for the VPN piece.

I was hoping to get other users feedback from their experiences with VPN servers (open or others) and learn from their setups and get their recommendations.

Company is paying for it so i have a bigger budget, but trying to save some of that for more storage for my ESXi servers. :)

Much appreciated.

Cheers,

TCG
 
P

PigLover

Moderator
Jan 26, 2011
3,186
1,545
113
Replace the edgerouter with pfSense and run the openVPN package. Works perfect, integrated with the firewall pf rulebase so no insecure traffic ever touches the LAN side of your network.

Sent from my SM-G950U using Tapatalk
 
  • Like
Reactions: Amrhn, niekbergboer and gigatexal
T

thecoffeeguy

Member
Mar 10, 2016
119
1
18
48
Ya, i had poked around a bit and read other threads on that. seems to be the recommendation for best performance was to place a dedicated/concentrator VPN server behind the edgerouter. The specs are very minimal from what i can tell. I was looking for a very small form factor (something I can just sit on my desk basically) and install it on.

much appreciated.
 
P

poutnik

Member
Apr 3, 2013
119
14
18
I have been using pfSense on Alix and APU boards to provide firewall and OpenVPN access for several years - it allows me to access my home lab and my wife's office from both notebook and mobile phone. Relatively easy to setup, speed is adequate. It would also fit your need for small form factor and power consumption is also not sky-high... Link to the manufacturer.

Jiri
 
  • Like
Reactions: Amrhn
V

vpnforroobet

New Member
Sep 23, 2022
2
0
1
USA
Suggestions for VPN server setup for home:

1. Location, location, location: When choosing a location for your VPN server, try to find a spot that is as central as possible to your user base. This will help minimize latency (i.e., the delay in the time it takes for data to travel between your users and the VPN server).

2. Hardware requirements: In order to run a VPN server, you will need a machine with at least two network interfaces - one for the public internet and one for the private network (the "intranet"). The machine should also have enough processing power and memory to handle the load of running both a VPN server and multiple client connections.

3. Operating system: There are many different operating systems that can be used to run a VPN server (e.g., Windows Server, Linux, FreeBSD, etc.). Choose the one that is best suited for your particular needs.

4. VPN software: Once you have chosen an OS for your VPN server, you will need to install VPN software. This will typically be a third-party application, such as OpenVPN, pfSense, or StrongSWAN.

5. Configuration: After the VPN software is installed, you will need to configure it with the appropriate settings for your network. This will include specifying the IP addresses of your public and private network interfaces, as well as the encryption methods and authentication credentials to be used.

6. Firewall: Be sure to configure your firewall to allow traffic on the port(s) used by your VPN software (usually UDP port 500 and/or 4500). You may also need to specify specific IP addresses or ranges of IP addresses that are allowed to connect to the VPN server.

7. Testing: Once everything is up and running, be sure to test the VPN connection from multiple locations to ensure that it is working properly. Try connecting from different devices (e.g., a laptop, smartphone, tablet, etc.) and from different ISPs (if possible). Also, be sure to test the VPN server with multiple clients simultaneously to check for performance issues.

Additional considerations:

- If you are using a VPN server for business purposes, it is important to have a redundant server in place in case of hardware failure. This can be accomplished by using two separate machines, each with its own network interface and running its own instance of the VPN software. Alternatively, you can use a virtual machine (VM) with multiple network adapters, which can be configured to act as a VPN server.

- It is also a good idea to have a backup power supply for your VPN server, in case of a power outage. A UPS (uninterruptible power supply) can provide emergency power for a short period of time, long enough to safely shut down the server or to switch to a backup power source.

- For added security, you may want to consider using a VPN server with a dedicated hardware appliance, such as the Cisco ASA5505-SEC-BUN-K9. This type of device is specifically designed for use as a VPN server and includes features such as a built-in firewall, intrusion detection/prevention, and encryption acceleration.
 
You must log in or register to reply here.
Top Bottom