Answer the question
In order to leave comments, you need to log in
What is the best way to organize vpn for remote access in my conditions?
Available:
1) Local network for nat on zyxel keenetic omni 2, Internet access through a mobile operator, dynamic ip.
2) Remote vds on ubuntu.
3) At home Zyxel keenetic giga 2, dynamic ip.
4) Smartphones on android with internet.
It is necessary to organize remote access to devices on the local network (point No. 1) from a home computer and from smartphones. Tim viewers, etc. are not considered, rdp is not suitable, I plan to use vnc or radmin. The strength of encryption is not in the first place, the simplicity and speed of work are more important, because. mainly for remote access. Clients in the LAN must access the Internet through the main interface, i.e. vpn is for remote only.
I thought about openvpn server on vds. But it seems like ipsec is simpler, in the sense that you can configure it on the router and you don’t need to install a client with a new network interface on each computer. In general, I am poorly versed in this and will forgive the help of knowledgeable people.
Answer the question
In order to leave comments, you need to log in
ipsec in setup is more difficult, if that. But, it will save you from configuring clients (if you can configure routers). By the way, in this case, VDS may not be required.
On the other hand, by setting up openvpn on client computers, you can not touch the routers.
In general, both options are good, look at the situation.
At the expense of VNC and radmin - RDP - much more productive and eats less traffic. But, of course, you need Windows. In general, if you need remote access to Windows, then RDP.
Under these circumstances, no way. All-in-one home routers that don't have IPSec at all. Like a class. Theoretically, it is possible to connect a network with a dynamic IP to another network with a dynamic IP (unless, of course, you mess with DynDNS a little, etc. - because at least one side must have a permanent address to connect to it). But it won't just be like Next->Next->Next. This is pure IPSec, with certificates and a lot of headaches like "well, why doesn't this pike want to mess with that gudgeon?"
IPSec in setting, if anything, is noticeably more difficult. Your routers may have PPTP - its protection has already been completely broken, but if encryption is not important, you can try it.
If I understand correctly, when raising IPsec, in order to connect to the Internet from a smartphone, I will have to add another new network (smartphone network) on the ipsec server. Then, it turns out, the easiest option for me is openvpn on vds and a client on each computer and smart.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question