VPN on dedicated server

ace2109 · 14 Jan 2013 at 18:46

Hi Guys,
Just wondering if this is a good idea or not? I have been playing around with VPN lately and I was just wondering if this would be a good idea to use to connect to a dedicated Server I look after for a local media company?

What are the main benefits and is the following possible?

Instead of SSH to the the server will VPN allow me to connect to the machine as if its on my local network?

Also, silly question im sure but will I be able to see the files on the server as if it was a local file server on my local network?

Skidilliplop · 14 Jan 2013 at 19:33

Yes, yes and yes.
VPN would create a virtual point to point network link between you and the server.
Generally I'd recommend VPN for any form of remote management of anything over an untrusted network. SSH is encrypted but it's still only a password hack away from being breached and having port 22 open to the public internet would just invite unwanted attention. VPN piles on another layer of security and also encrypts traffic you might not otherwise have the ability to protect.
Cons would be - it's more hassle to set up. But if you're treating it as a learning experience then no reason not to.

quackers · 14 Jan 2013 at 22:38

I agree with skidilliplop, VPN is the way to go for remote access. Yes it can be a pain, see my thread lol

ASE001 · 15 Jan 2013 at 09:04

If it's a learning exercise have look at pfsense VM appliance and then install OpenVPN. If you have an old machine handy there is a boot ISO too!

Unfortunately it's bugger to work out how to get it to work (seems complicated), but once the mind clicks (it isn't that complicated) it becomes very easy. Loads of videos on the Youtube on how to set it up.

Very little information though on how to get it to connect through a internet proxy server though, I did eventually get it working and can now connect from work to my test lab at home.

Its definite YES YES YES from me too!

sidethink · 15 Jan 2013 at 09:55

While VPN is probably preferable, SSH can be used for most of the same functions, including tunnelling.

If SSH is already in place it is trivial to switch it to a port other than 22, disable root logons and secure it with private keys. (maybe 30 minutes work).

Skidilliplop · 15 Jan 2013 at 10:39

sidethink said:
While VPN is probably preferable, SSH can be used for most of the same functions, including tunnelling.

If SSH is already in place it is trivial to switch it to a port other than 22, disable root logons and secure it with private keys. (maybe 30 minutes work).

Yes you can tunnel other protocols over SSH, but if he wants to learn VPNs anyway this kills two birds with one stone.

I'd second pfSense for learning, it's free and it's very powerful. OpenVPN is simple and can use SSL over 443 so is more likely to let you out through firewalls with little hassle. IPSec is less practical if you don't have dominion over the local breakout, but would be better to learn as it's more commonly used in corporate networks. (which is i assume why you're learning this)