Help With A VPN
#16
Join Date: Apr 2017
Programs: AA, DL, Avis, Enterprise, National, IHG, HH, SPG/MR
Posts: 1,852
#17
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,231
They focus on WISP and enterprise markets and price about 80% less than the equivalent equipment from Cisco or Juniper. The Unifi line of devices can all be managed from the same controller and are pretty slick.
#18
FlyerTalk Evangelist
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
They focus on WISP and enterprise markets and price about 80% less than the equivalent equipment from Cisco or Juniper. The Unifi line of devices can all be managed from the same controller and are pretty slick.
#19
Join Date: Apr 2017
Programs: AA, DL, Avis, Enterprise, National, IHG, HH, SPG/MR
Posts: 1,852
As a home user, I'm comfortable with the level of security provided at the LAN-connected machine level. I've had an internet-connected LAN since I can remember and have never had any security issues at the router level. I suppose, if I get paranoid, I can put a hardware firewall in front of the router.
The prices were far lower than I first anticipated. I have to say, though, that from a home user perspective I absolutely despise Cisco (I have no experience with Juniper). I'm sure Cisco products make IT departments who must maintain mission-critical operations reasonably happy. However, I don't like, at all, the user-level comprises that Cisco forces. I can't tell from my quick scan of the Unifi whether these products are similarly over-bearing. They don't appear to be, but I'll look further.
The prices were far lower than I first anticipated. I have to say, though, that from a home user perspective I absolutely despise Cisco (I have no experience with Juniper). I'm sure Cisco products make IT departments who must maintain mission-critical operations reasonably happy. However, I don't like, at all, the user-level comprises that Cisco forces. I can't tell from my quick scan of the Unifi whether these products are similarly over-bearing. They don't appear to be, but I'll look further.
Or, perhaps more importantly, the VPN service in general. I don't think you want unpatched exploits that allow unauthorized users to annex themselves to your LAN. Then machines on your network become much easier to break into.
#20
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,231
As a home user, I'm comfortable with the level of security provided at the LAN-connected machine level. I've had an internet-connected LAN since I can remember and have never had any security issues at the router level. I suppose, if I get paranoid, I can put a hardware firewall in front of the router.
The prices were far lower than I first anticipated. I have to say, though, that from a home user perspective I absolutely despise Cisco (I have no experience with Juniper). I'm sure Cisco products make IT departments who must maintain mission-critical operations reasonably happy. However, I don't like, at all, the user-level comprises that Cisco forces. I can't tell from my quick scan of the Unifi whether these products are similarly over-bearing. They don't appear to be, but I'll look further.
The prices were far lower than I first anticipated. I have to say, though, that from a home user perspective I absolutely despise Cisco (I have no experience with Juniper). I'm sure Cisco products make IT departments who must maintain mission-critical operations reasonably happy. However, I don't like, at all, the user-level comprises that Cisco forces. I can't tell from my quick scan of the Unifi whether these products are similarly over-bearing. They don't appear to be, but I'll look further.
#21
FlyerTalk Evangelist
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
I think it's more of a question about how secure the tunnel is from your remote workstation (or whatever platform) to the WAN side of your router.
Or, perhaps more importantly, the VPN service in general. I don't think you want unpatched exploits that allow unauthorized users to annex themselves to your LAN. Then machines on your network become much easier to break into.
Or, perhaps more importantly, the VPN service in general. I don't think you want unpatched exploits that allow unauthorized users to annex themselves to your LAN. Then machines on your network become much easier to break into.
#23
FlyerTalk Evangelist
Join Date: Jun 2005
Posts: 38,410
I want to add a VPN appliance to my home network so that I can tunnel in while on the road. I have some file servers etc. on my LAN that would be useful to access securely. I'm not comfortable opening these up to the WAN with FTP or the like.
Plus I've been considering getting PS Vue. It has some restrictions about needing to be on your home network both periodically and to access RSNs.
Plus I've been considering getting PS Vue. It has some restrictions about needing to be on your home network both periodically and to access RSNs.
I know that it would be completely impossible for me without some third party company providing an intermediate to make it work. It's not merely against their terms of service (home users shall not run servers) but you simply can't reach 10.x.x.x addresses from outside.
Simple test: Open a command prompt and type: "tracert www.google.com" (without the quotes). Look to the right. You may get 4 numbers, you may get a name followed by 4 numbers in brackets. Chances are the first line will be 192.168.x.x. If the second is 10.x.x.x your system is unreachable from outside.
#24
Suspended
Original Poster
Join Date: Jul 2010
Location: Orlando, FL Area
Programs: Delta SkySponge ExtraAbsorbent, SPG Gold
Posts: 29,988
Unfortunately, many ISPs do not permit this unless you pay for business service.
I know that it would be completely impossible for me without some third party company providing an intermediate to make it work. It's not merely against their terms of service (home users shall not run servers) but you simply can't reach 10.x.x.x addresses from outside.
I know that it would be completely impossible for me without some third party company providing an intermediate to make it work. It's not merely against their terms of service (home users shall not run servers) but you simply can't reach 10.x.x.x addresses from outside.
#25
FlyerTalk Evangelist
Join Date: Jun 2005
Posts: 38,410
Netgear very well might be the third party allowing the connection. I have a NAS box here that I could configure for remote access if I chose to even though I have a 10.x.x.x address. The makers of the box provide the intermediate to allow the link.
#27
Suspended
Original Poster
Join Date: Jul 2010
Location: Orlando, FL Area
Programs: Delta SkySponge ExtraAbsorbent, SPG Gold
Posts: 29,988
I'll out myself too. A co-worker is out dealing with a family matter and he is the only one of us that uses a Mac. I was trying to do something for him and hated using it. You guys are really missing out by not having a taskbar. Apple users must not switch between programs or different screens very often.
#28
FlyerTalk Evangelist
Join Date: Oct 2009
Location: ATL Lost Luggage
Programs: Kettle with Kryptonium Medallion Tags
Posts: 10,309
#29
Join Date: Apr 2017
Programs: AA, DL, Avis, Enterprise, National, IHG, HH, SPG/MR
Posts: 1,852
Unfortunately, many ISPs do not permit this unless you pay for business service.
I know that it would be completely impossible for me without some third party company providing an intermediate to make it work. It's not merely against their terms of service (home users shall not run servers) but you simply can't reach 10.x.x.x addresses from outside.
Simple test: Open a command prompt and type: "tracert www.google.com" (without the quotes). Look to the right. You may get 4 numbers, you may get a name followed by 4 numbers in brackets. Chances are the first line will be 192.168.x.x. If the second is 10.x.x.x your system is unreachable from outside.
I know that it would be completely impossible for me without some third party company providing an intermediate to make it work. It's not merely against their terms of service (home users shall not run servers) but you simply can't reach 10.x.x.x addresses from outside.
Simple test: Open a command prompt and type: "tracert www.google.com" (without the quotes). Look to the right. You may get 4 numbers, you may get a name followed by 4 numbers in brackets. Chances are the first line will be 192.168.x.x. If the second is 10.x.x.x your system is unreachable from outside.
#30
Join Date: Sep 2015
Programs: LH SEN; BA Gold
Posts: 8,405
I'll out myself too. A co-worker is out dealing with a family matter and he is the only one of us that uses a Mac. I was trying to do something for him and hated using it. You guys are really missing out by not having a taskbar. Apple users must not switch between programs or different screens very often.