Hi,
As a follow-up to this thread:
https://www.eevblog.com/forum/security/rdp-brute-force-attacks-on-my-pc-caused-monitors-to-flash-black/
I ended up with this odd situation:
- My ISP provides me with a router for fibre. It has an RF connector with CATV and DVB-T, analog phone connectors and of course 4x 1GBit LAN ports. There is no way I can replace this router and it does not offer VPN server functionality.
- My internet connection is 1GBit/s download and 200MBit/s upload.
- I need to use RDP with a big bandwidth. I acknowledge that I should not open the RDP port to the internet and use VPN instead.
- Currently I use a cheap TP-Link router with DD-Wrt as an access point (I have three actually) and one is acting as the VPN server.
This solution has an issue: the TP-Link acting as VPN Server has too little performance and the RDP session run through VPN is several magnitudes slower as compared with a direct RDP access without VPN.
Conclusion: I want a FAST VPN server!
I was recommended to NOT run a VPN server on the computer I want to RDP to, for the same reasons I should not open the RDP port. Makes sense, kind of...
So I went today and bought what seemed the best option router-wise, considering my budget: an Asus RT-AC1750U. The "U" meaning it is NOT compatible with DD-WRT, Merlin or OpenWRT.
I bought it because it is modern and has a dual-core CPU. Plus, the stock firmware has a VPN server.
Turns out, that Asus decided that you can only get to use the VPN server if you run the device in Router mode. If you configure it to Access Point mode, it won't even show the VPN menu.
This sucks, because in Router mode, the device expects incoming VPN requests only on the WAN port, which has to be in a different subnet.
Having two routers in series is not that nice, because I would have to configure the ISP router to consider the second router in the DMZ. While that is not a real problem security wise (the router is supposed to be connected to the internet anyway), it will add lag (an additional router) plus I am not so sure about other oddities like UPnP issues.
No problem money-wise, as I can return the router for a full refund.
HOWEVER (and this is the question): I did not find any solution for my problem!!!
1) There seems to be no DD-WRT compatible router (DD-Wrt being a FW I like and which for sure would do what I want)
2) I did not find any (professional, but on the lower end of prices) stand-alone VPN server. Is there any? Remember: I don't want a router - I already have one, which I need to use.
3) I don't want to set up a whole dedicated computer (too expensive energy-wise). Of course I could use one of my three IBM M3650M3 servers, one even has full network options with, I don't recall, some 10 or more LAN ports... But this beast is too loud and consumes too much power for 24/7 use. In case you are wondering, I use them for R&D (automated multi-session CAM programming).
*** SO HOW SHOULD I SET UP A FAST VPN? ***
Thank you gentlemen! I hope I get some expert suggestions, especially from those that pushed me towards the VPN solution in the first place...

Regards,
Vitor