Remote access VPN?

[L&LD]

We're reading the same story yet we understand differently. cool.

 

[elorimer]

Using unique, strong, random 16+char passwords with MFA is the way to go. Teamviewer is still safe

I hope we aren't going to end up with a locked thread. MFA is a huge help over a strong password. I think the issue is that you are dependent on a third party server to which the host computer is always attached; same for some VPN solutions. The OpenVPN route takes that third party out of the equation.

Also, the OP isn't necessarily looking for RDP; she's looking for security (maybe the Starbucks thing) and file access (maybe home NAS or NextCloud).

 

[Viktor Jaep]

I hope we aren't going to end up with a locked thread. MFA is a huge help over a strong password. I think the issue is that you are dependent on a third party server to which the host computer is always attached; same for a some VPN solutions. The OpenVPN route takes that third party out of the equation.

Also, the OP isn't necessarily looking for RDP; she's looking for security (maybe the Starbucks thing) and file access (maybe home NAS or NextCloud).

There's plusses and minuses with whichever route you go with. I'm just strictly dropping my 2 cents here for its ease of use compared to running your own OpenVPN server... but really, have at it. I fully support going the OpenVPN route. It's available, so why not use it! Luckily there's lots of alternatives.

 

[sfx2000]

I'll acknowledge that some folks have concerns with TeamVIewer...

That being said - properly deployed, it's no less secure than any other option out there...

Security Statement - TeamViewer Support

TL;DR - Executive Summary All TeamViewer versions use full encryption. Encryption is based on 4096bit RSA private/public key exchange and 256 Bit AES session encoding. This uses the same security level as https/SSL and is considered completely safe by today's standards. The key exchange also...

community.teamviewer.com

 

[Ozymandyus]

Hi folks, I did have one follow-up question. In the logs for the OpenVPN connection, I get recurring non-critical but persistent errors regarding MTU config mismatch:

WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1557'

Where 'local' is actually the machine where I'm remoting in from and 'remote' is the home router. In the WAN settings on my router I can see under 'Special Requirement from ISP' a setting for 'WAN MTU' but modifying this to try to match doesn't seem to have any effect. Presumably I need to change this setting in the OpenVPN config file that's used to setup the connection? Or is this trivial enough not to bother?