What's new

Using policy based routing, do i have a firewall?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Karen S

New Around Here
Hi everyone! I am new here and a totally lost when it comes to network setups.

I have an Asus RT-AC87u (Merlin FW 380.57) with an openvpn client installed. I only want my NAS-server to be routed through my VPN, so I have setup a policy rule in the router so that only my NAS IP uses VPN.

Now to my question, do my router firewall protect my NAS-server? Or is it directly exposed from the outside?

Thanks in advance!
Karen
 
Unless your tunnel provider firewalls or NAT your connection, then no, devices connected to the VPN tunnel won't be firewalled from connections coming through the VPN tunnel.

I heard some tunnel providers let you control this on their end.

When using one of those tunnel providers, people need to keep in mind that:

a) VPNs were intended to allow you to bypass a firewall
b) In a VPN setup, you should be able to trust both ends of the tunnels

When using a tunnel provider, you are putting a lot of trust into that provider.
 
Hi everyone! I am new here and a totally lost when it comes to network setups.

I have an Asus RT-AC87u (Merlin FW 380.57) with an openvpn client installed. I only want my NAS-server to be routed through my VPN, so I have setup a policy rule in the router so that only my NAS IP uses VPN.

Now to my question, do my router firewall protect my NAS-server? Or is it directly exposed from the outside?

Thanks in advance!
Karen
Also you should update to 380.58 which just came out. Many fixes for VPN and other features well worth it for your 87u
 
Thank you so much RMerlin and yorgi!

Is there anyway to get around this problem, any kind of software setup?

Best regards
Karen
 
Thank you so much RMerlin and yorgi!

Is there anyway to get around this problem, any kind of software setup?

Best regards
Karen
is the vpn client like PIA or ExpressVPN?
or is it a server setup on your router?
If its setup from your router I would assume its safe because the tunnel is fire-walled and encrypted.
if its PIA or other services like that you would have to ask them and see what support they offer on their tunnel.
but I wouldn't trust a NAT on a VPN service, if it where my own server then I would trust it :)
 
is the vpn client like PIA or ExpressVPN?
or is it a server setup on your router?
If its setup from your router I would assume its safe because the tunnel is fire-walled and encrypted.
if its PIA or other services like that you would have to ask them and see what support they offer on their tunnel.
but I wouldn't trust a NAT on a VPN service, if it where my own server then I would trust it :)

Thanks yorgi!

Its a VPN client like PIA, so i don`t trust them. I will see if i can set up a software firewall in my NAS-server using IPFW.
 
Thank you so much RMerlin and yorgi!

Is there anyway to get around this problem, any kind of software setup?

Best regards
Karen

Either check if the connection is NATted by them (which would be the simplest), or start configuring your own firewall rules on the router through user scripts. You'll want inbound rules between tun11 and br0 (the LAN bridge) most likely. I don't know the details, I've never looked at it.
 
Either check if the connection is NATted by them (which would be the simplest), or start configuring your own firewall rules on the router through user scripts. You'll want inbound rules between tun11 and br0 (the LAN bridge) most likely. I don't know the details, I've never looked at it.

My tunnel isent`t NATted. Will figure something out.
Thanks alot!
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top