VPN

Comments

15 comments

  • Avatar
    Firewalla

    You sure can.  You just need to connect over VPN, and access the NAS/Remote desktop just as if you are at home.  Everything will be encrypted 

    0
    Comment actions Permalink
  • Avatar
    Dxbjbox

    This is good to know. I connected with the OpenVPN client on my iPad. I can surf the internet but cannot access anything locally. I’m trying the MS RDesktop client and that does not work and cannot connect to my NAS system. I did noticed the VPN IP address is not the same as my local network. Any suggestions? 

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Can you connect via an IP address?  The VPN IP address is connected to your local network, so anything on your network is visible to you.

    0
    Comment actions Permalink
  • Avatar
    Dxbjbox

    That worked. Is there a way to configure the VPN connection to use my local DNS servers?

    0
    Comment actions Permalink
  • Avatar
    Dxbjbox

    If I use the fully qualified DNS name of the NAS box i’m able to connect. 

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Is your DNS something xxx.local?  If it is part of MDNS, it may not work, since firewalla VPN server is on a different network segment.  If it is part of the DNS system, one way is to add this line to your .ovpn file (advanced work)

    dhcp-option DNS 192.x.x.x  
    0
    Comment actions Permalink
  • Avatar
    Bill Langlais

    I have two homes. one in the US and one in Canada.  Could I put a firewalla in both locations to connect the networks together transparently and securely.   In addition to having access to the devices (computers, NAS ,,,) I would like to also remote desktop (I am windows) to connect from one machine to the other and I would also like to watch streaming services from my US based computer in Canada using remote Desktop.

    Will your devices allow me to do this without additional hardware, or if needed what else.   Also which of your devices, including the gold available on indiegogo would be the best for this?

    Thanks!

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Depends on your requirement, if you want both sites to see each other devices, you will need to use the site to site VPN.  See this article https://help.firewalla.com/hc/en-us/articles/360023379953-VPN-Client-Beta-

    When site to site VPN is enabled, make sure both sides have different networks. (For example, both CAN NOT BE ALL 192.168.1.x;  one can be 192.168.1.x and the other is 192.168.2.x)

    If you do not need access both ways, the simple client to server VPN is useful.  Same document will help you out 

    0
    Comment actions Permalink
  • Avatar
    Steve

    So I connected to my Firewalla VPN the other day from a hotel wifi network. Everything worked perfectly especially as the bandwidth at my home is much faster than was being provided to me at the hotel. But during my 12 hour session, I did see data usage on the VPN network, but no client was shown either during or after the session. I would think that I'd be able to see the client that connected somewhere and not just that data was served through that connection... Am I missing this somewhere?

    Also, is there a limit to the number of concurrent VPN connections that can (should be) maintained at one time? Is this configurable? 

    Thanks!

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    What do you mean about the client not shown?  Is it the connected client? or you are not sure if your VPN is active?  

    For the VPN server, there is NO artificial limit on the number of connections.  Since our little box is for homes and small businesses, you will likely encounter bandwidth (encryption) limitations before you hit connection limitations.

     

    0
    Comment actions Permalink
  • Avatar
    Steve

    I know the VPN was active. I was connected to it on my iPhone from the hotel and could hit my NAS’ private address. But nowhere in the Firewalla app could I find evidence of what client was connected via VPN. I can see that so much data had gone through the VPN but unlike on the guest-LAN, the Firewalla-VPN tab does not have “devices” listed. I would think that I should be able to tie the VPN data transferred to a particular device name and IP address on the VPN subnet.

    0
    Comment actions Permalink
  • Avatar
    Support Team

    The ability to show the number of active VPN connections will be there in the next App release. 

    And if we are going to provide some level of the client detail, what do you expect to see?

    We are able to provide the IP Address and the data transferred of a VPN connection, but currently, it's not quite possible to "tie the VPN data transferred to a particular device name", because even if you are using the same device, every time you establish a new connection (through any WiFi or 4G/5G network), the IP address can be different.

    0
    Comment actions Permalink
  • Avatar
    Steve

    Okay, I think I am understanding the issue now. In previous VPN setups that I have administered, there was an option to set up a handful of credentials instead of just one set. But I see now that if your implementation only allows a single set of credentials, then there is no way to know who is using it at any one point in time. But if I could set up say three sets of credentials, then I should be able to know which set was being used when there was activity.

    But if three members of my family all share the same credentials, then I see the issue. So in the current implementation, perhaps even just to know the source IP from which the VPN was established and maybe an alarm that could go off when there is VPN activity. Just thinking out loud here...

    0
    Comment actions Permalink
  • Avatar
    Support Team

    Exactly.

    VPN Activity alarm is already there. You can go to Alarm Settings -> VPN Activity to see if the type of alarms is on. 

    We are also experimenting with a new VPN solution that will provide multiple credentials, hopefully, it will be ready for beta testing soon. 

     

     

    0
    Comment actions Permalink
  • Avatar
    Steve

    Okay. Cool. Just found the VPN alarm. It was muted. Not sure if I muted it or if it started that way by default, but happy to have found it. I will test the alarm soon to see if it exposes the geo location of the VPN connection when it is activated similar to other alarms.

    0
    Comment actions Permalink

Please sign in to leave a comment.