Results 1 to 10 of 10

Thread: IPSec

  1. #1
    Untanglit
    Join Date
    Jul 2017
    Posts
    21

    Default IPSec

    Hi,

    Quick question before I dive into IPSec and it might not do what I need it to.

    I have a client (Doctor) who is using RDP (non standard port) to remote into her workstation on the network so she can do work from home. What I would like her to do is use a VPN connection to her workstation instead. Is it possible to:

    Setup IPSec so she can use her home computer (Without a firewall at home) to connect into her desktop at the office using a software client?

    If so is that in the documentation for IPSec?

    Thanks for any help!

    Sorry I put this in the wrong thread.
    Last edited by DolphinComputers; 07-18-2017 at 10:15 AM. Reason: Wrong Thread

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,015

    Default

    You are looking for L2TP in IPsec. https://wiki.untangle.com/index.php/...VPN#VPN_Config
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Jul 2017
    Posts
    21

    Default

    Thank you sir!

  4. #4
    Master Untangler
    Join Date
    May 2010
    Location
    Texas, USA
    Posts
    708

    Default

    Also remote desktop over a non standard port does nothing for security.

    There is no point in changing the port, as any port scanner will find rdp on the non standard port in a second - so it really is no protection at all.

    Sent from my SM-G955U using Tapatalk

  5. #5
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    Quote Originally Posted by JasonJoel View Post
    Also remote desktop over a non standard port does nothing for security.

    There is no point in changing the port, as any port scanner will find rdp on the non standard port in a second - so it really is no protection at all.

    Sent from my SM-G955U using Tapatalk
    It is security through obscurity. Not really safe, but might slightly reduce your odds of getting brute-forced. Really shouldn't consider it secure though.


    Sent from my iPhone using Tapatalk

  6. #6
    Master Untangler
    Join Date
    Dec 2010
    Location
    Southfield, MI
    Posts
    178

    Default

    I think the cheaper and easier way to do this is with the OpenVPN module

  7. #7
    Master Untangler
    Join Date
    Apr 2017
    Posts
    141

    Default

    Quote Originally Posted by yotefn View Post
    I think the cheaper and easier way to do this is with the OpenVPN module
    For my own education, can you expand a little on why it is cheaper and easier with OpenVPN?
    I'm not questioning your assertion, I'm new to this stuff myself and am trying to learn all that I can.

  8. #8
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    Quote Originally Posted by chaycock View Post
    For my own education, can you expand a little on why it is cheaper and easier with OpenVPN?
    I'm not questioning your assertion, I'm new to this stuff myself and am trying to learn all that I can.
    Untangle charges for their IPsec functionality. If you already have a subscription though, then it won't cost any extra.

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,015

    Default

    There are pros and cons to either. L2TP over IPsec is built-in to most OSs so there is no application to install on remote PCs. OpenVPN uses UDP which is more likely to get through firewalls. I've also seen performance differences go either way depending on the networks they are going across.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    676

    Default

    I have also used the IKEv2 as a dial-in VPN with Untangle. It only seems to stay connected if doing full-tunnel. But otherwise has seemed to work well. I don't think many people are using it with Untangle as a dial-in VPN though (at least not on a desktop OS). I'd suggest you stick with what the masses are using. That would be L2TP or OpenVPN.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2