Jump to content
Not connected, Your IP: 18.119.120.59
Sign in to follow this  
politas

Private network between multiple connections

Recommended Posts

I am wondering if it is possible to set up a private vpn tunnel directly between devices connected to AirVPN, so that I can have a secure connection back to my home machine from a remote location, for SSH or whatever. This would make AirVPN a very attractive service for very small businesses, I would think. Getting VPN ability without having to set up and, maintain your own VPN infrastructure.

Share this post


Link to post

I am wondering if it is possible to set up a private vpn tunnel directly between devices connected to AirVPN, so that I can have a secure connection back to my home machine from a remote location, for SSH or whatever.
 

 

 

Hello.

You can actually achieve it simply with port forwarding.

You can do it for SSH by adding the correct port in the config file and restarting the daemon.

 

 

 

This would make AirVPN a very attractive service for very small businesses, I would think.
 

 

 

 

Quite the contrary It would make security minded people ditch the service immediately. Since it will mean that any user can access

any other VPN user's network resources without any network separation. Might be acceptable for corporate VPNs, a nightmare idea for

public VPNs. Users of public VPNs cannot be trusted on your LAN, in which most cases traditional firewalls fail - they see the RFC1918

networks as trusted by default (Air uses 10.0.0.0/8), an example is the Windows Firewall.

 

 

 

Getting VPN ability without having to set up and, maintain your own VPN infrastructure.
 

 

 

 

The only setup required is the obvious VPN tunnel, your network services configured properly, and functional port

forwarding config. Skipping thru your suggestion, all the above steps are applicable for any network service. If you

will properly forward ports, the actual LAN<->LAN traffic rule by Air will have zero negative affect on your setup. Just

make sure you have the right daemons set up properly and you will even benefit from an additional default security

layer.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Hello.

You can actually achieve it simply with port forwarding.

You can do it for SSH by adding the correct port in the config file and restarting the daemon.

 

Quite the contrary It would make security minded people ditch the service immediately. Since it will mean that any user can access

any other VPN user's network resources without any network separation. 

I can only think that you've misunderstood what I'm asking. My idea is that the AirVPN client could set up a secondary secure tunnel between a single user's multiple connections. Port forwarding means leaving an open SSH server to the Internet, able to be discovered by port scanning, which I specifically don't want to do. I'd like to have a separate subnet that I know will only be accessed by someone using my AirVPN certificate. I don't want to allow any arbitrary AirVPN user to access it; that would be patently pointless.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...