A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network.
- The encrypted connection helps ensure that sensitive data is safely transmitted.
- It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely.
At the heart of the Firewalla VPN, our goal is to ensure secure communication between two endpoints as if they were connected over a local network. To make this happen, Firewalla provides two different services at no additional cost.
- Firewalla VPN Server
  - Secure access to your home or office network when you are outside/remote.
  - Secure access to the internet when you are outside.
  - Great for remote working from home and connecting back to the office.
  - Great for traveling.
- Firewalla VPN Client
  - Connect to the internet via 3rd party VPN services seamlessly without installing VPN software.
  - Client and server VPN to link home to work.
  - A site-to-site VPN to link two sites together.
Using a combination of these two services, Firewalla can ensure the privacy and protection of your data. When using a VPN, the Firewalla IDS/IPS protections will still be active, so your network will be protected. Here are some of the use cases.
Firewalla VPN services (Server and Client) all run on the Firewalla box. If you want to hide from your ISP, you must subscribe to a 3rd party VPN service (and use Firewalla VPN client).
Secure Access to Home Network
When you are traveling, working at Starbucks, or using a network that may be snooped upon, connecting back to a safe place is the best solution. By connecting to the Firewalla VPN server at home, you can securely access your home devices, as well as surf the internet as if you are at home.
Problem/Risks
- You do not know who is watching you when you are using public Wi-Fi or Wi-Fi owned by someone else.
Solution
- Install Firewalla at home, and enable VPN Server
- Install a VPN client on your phone and/or laptop
- Your network traffic will always be encrypted first and sent to your home before reaching its destination.
- It will be like accessing the network from home, and you also have full access to devices at home.
Secure Access to the Office Network
If you are working from home and need to access office devices, such as security cameras, file servers, etc., a VPN is the best solution.
Problem/Risks
- You have important business-related data that should be protected. You do not want this to be visible to the public network (including your service provider).
Solution
- Install Firewalla at work, and enable VPN Server
- Install the OpenVPN client on your laptop or phone.
- You can also install Firewalla at home and enable VPN Client, allowing you to connect any device to the office.
- Your network traffic will always be encrypted first and sent to your office before reaching its destination.
(Firewalla also supports WireGuard protocol)
Connecting Multiple Networks with Site to Site VPN
If you have multiple offices or homes, you can use a site-to-site VPN to connect the networks together over encrypted links. You can access shared devices such as file servers, printers, and video cameras bi-directionally between any two sites.
Problem/Risks
- You have multiple offices (or home offices), and you want resources shared between the offices securely
Solution
- Install a Firewalla box at each site
- Follow the site-to-site VPN installation guide.
Third-Party VPN
If you are using third-party VPNs to shield your data from your ISP or government and want more devices (even those that can't install a VPN client) to use the same service, you should use the Firewalla VPN Client feature.
Firewalla does NOT provide the 3rd party VPN service.
Problem/Risks:
- You want to shield your data from ISP or Government.
- Your company/school requires you to use a VPN when working from home or taking online courses.
- You have IoT devices that cannot install VPN client software (e.g. Apple TV), yet you want them to access the network via VPN.
Solution
- Install Firewalla at home
- Firewalla supports OpenVPN, WireGuard, and AnyConnect VPN protocols.
- You can sign up for a 3rd party VPN service, including:
  - NordVPN
  - ExpressVPN
  - Smart DNS Proxy
  - IPVanish VPN
  - PureVPN
  - Many others are also supported; we have not tested them all.
- Use the Firewalla VPN Client feature to tunnel any device to the VPN server
VPN and Network Segmentation
The Firewalla Gold/Purple will allow you to create network segmentation and configure VPN at the individual segment level. For example, to make working from home more convenient, you can dedicate one port as a VPN network segment, and when you access that segment, you are directly connected to your office through the Firewalla VPN client/server.
Summary of the VPN Capabilities
| | Firewalla Red | Firewalla Blue/Blue Plus | Firewalla Gold/Purple |
|---|---|---|---|
| VPN Client | Yes | Yes | Yes |
| VPN Server | Yes | Yes | Yes |
| VPN Site-to-Site | Client Only | Client & Server | Client & Server |
| Segmentation | No | No | Yes |
Comments
1 comment
I have got the VPN client to work just fine with Private Internet Access using OpenVPN.