I'll take a look. Thanks!

The caveat is that, since it seems the project is dead, it hasn't been getting security updates in a while.

They focus on WISP and enterprise markets and price about 80% less than the equivalent equipment from Cisco or Juniper. The Unifi line of devices can all be managed from the same controller and are pretty slick.

As a home user, I'm comfortable with the level of security provided at the LAN-connected machine level. I've had an internet-connected LAN since I can remember and have never had any security issues at the router level. I suppose, if I get paranoid, I can put a hardware firewall in front of the router.

The prices were far lower than I first anticipated. I have to say, though, that from a home user perspective I absolutely despise Cisco (I have no experience with Juniper). I'm sure Cisco products make IT departments who must maintain mission-critical operations reasonably happy. However, I don't like, at all, the user-level comprises that Cisco forces. I can't tell from my quick scan of the Unifi whether these products are similarly over-bearing. They don't appear to be, but I'll look further.

I think it's more of a question about how secure the tunnel is from your remote workstation (or whatever platform) to the WAN side of your router.

Or, perhaps more importantly, the VPN service in general. I don't think you want unpatched exploits that allow unauthorized users to annex themselves to your LAN. Then machines on your network become much easier to break into.

This is more what I was getting at.

You can demo the Unifi controller at demo.ubnt.com.

I understand that. All of the machines on my LAN, both Windows and Linux, run firewalls and anti-malware software, and I'm less concerned about things like the ROKUs. As has been proven repeatedly, anyone who is really determined and skilled enough can hack into any system. If someone really wants into my dinky home system, they'll get in, but they're going to be very disappointed once they get there. My main concern is malware that converts my computers into zombies. That's never happened and, frankly, if it did happen, it would be because my wife opened something she shouldn't have, and not from someone hacking my VPN router.

Thanks for the advice on the home VPN. I'll have to make that a weekend project.

Unfortunately, many ISPs do not permit this unless you pay for business service.

I know that it would be completely impossible for me without some third party company providing an intermediate to make it work. It's not merely against their terms of service (home users shall not run servers) but you simply can't reach 10.x.x.x addresses from outside.

Simple test: Open a command prompt and type: "tracert www.google.com" (without the quotes). Look to the right. You may get 4 numbers, you may get a name followed by 4 numbers in brackets. Chances are the first line will be 192.168.x.x. If the second is 10.x.x.x your system is unreachable from outside.

I don't know the technical details but I have a home server powered by Netgear that I am able to access from anywhere.

Netgear very well might be the third party allowing the connection. I have a NAS box here that I could configure for remote access if I chose to even though I have a 10.x.x.x address. The makers of the box provide the intermediate to allow the link.

You just outed yourself as a windows user...

I'll out myself too. A co-worker is out dealing with a family matter and he is the only one of us that uses a Mac. I was trying to do something for him and hated using it. You guys are really missing out by not having a taskbar. Apple users must not switch between programs or different screens very often.

I'm not an Apple user either.

This does not make any sense. I used the built in Windows PPTP service on a home server for many years.

OT: cmd+tab, much!? Taskbars are pointless if you're using keyboard combos anyway. I never use the dock on Macs or the taskbar on Windows.