Jump to content
Not connected, Your IP: 18.188.63.71
txtseam

Can other vpn users connect to my machine?

Recommended Posts

Is it dangerous to allow all traffic in and out of the tun interface?

 

I noticed that via the tun device it has an IP address. Say my ip on tun0 is 10.4.29.50 and that I'm running a web server or Plex and it listens on all interfaces. Does this mean that other VPN users can connect to my 10.4.29.50 and use my services?

 

Should I be worried about this at all and start configuring my firewall to only let specific traffic out of the tun0 device?

Share this post


Link to post

Is it dangerous to allow all traffic in and out of the tun interface?

 

I noticed that via the tun device it has an IP address. Say my ip on tun0 is 10.4.29.50 and that I'm running a web server or Plex and it listens on all interfaces. Does this mean that other VPN users can connect to my 10.4.29.50 and use my services?

 

Should I be worried about this at all and start configuring my firewall to only let specific traffic out of the tun0 device?

 

Hello,

 

in a VPN in which all nodes are trusted, direct connections between nodes inside the VPN can be desirable (to share resources, for example, and more). In a public service like ours nodes of course can not be trusted. Therefore we do not allow direct connections between nodes inside the VPN.

 

Kind regards

Share this post


Link to post

As a precaution, although 99.999% everything is perfectly configured on Air's side and it was verified

by many users over the years, it's a good idea to have your own firewall rules set on tun0 interface.

Not only it makes you more secure in case of failure on the provider side, but it also allows you to

have the ability to switch between providers and never worry that something is poorly configured on

their end. In other words, this shouldn't be a question, you should trust only your own setup always.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

As a precaution, although 99.999% everything is perfectly configured on Air's side and it was verified

by many users over the years, it's a good idea to have your own firewall rules set on tun0 interface.

Not only it makes you more secure in case of failure on the provider side, but it also allows you to

have the ability to switch between providers and never worry that something is poorly configured on

their end. In other words, this shouldn't be a question, you should trust only your own setup always.

 

 

Exactly.  I have always appreciated the way Air "tells" us to setup partitions of trust and/or our own firewall rules if desired.  Eddie tests solidly, but nothing is as sure fire as when a hobbyist user fortifies the system on their end, in tandem with Air's fine client and their behind the scenes support team.  Air teamed with a hobbyist user makes for a pretty formidable communication model.

Share this post


Link to post

Anyone using ZoneAlarm free edition with AirVPN to block VPN users from connecting your machine/network?

Thanks in advance.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...