VPN Between Friends and Family

After publishing my updated home network tour video, many of you asked me to show more about my firewall setup and all of these VPN connections, so let's talk about it.

[Music]

So let's start with covering my firewall and the Supermicro server that it runs on. I got a lot of questions about this. The hardware I selected is a Supermicro 5018D-FN8T. Ultimately this is nothing more than an Intel Xeon rack server. However, Supermicro specifically designed it to be used as a firewall or router device, hence the 1U small form factor with the front-facing network ports. The fans are also designed to be reversible to change the direction of air flow. This gives you numerous mounting options. In my case I've populated the firewall's motherboard with 32 gigabytes of RAM and a 500 gigabyte NVMe drive. The device also features IPMI management, meaning I can connect to the keyboard, mouse, or video remotely over Ethernet even when the box is powered off, or even if it crashes.

Now, being that at the end of the day this is simply a server, you can run anything on here that you want. I chose to run pfSense. It's the world's most popular open-source firewall, far outstripping its competitors. With this level of popularity, it means a rock-solid, reliable codebase, incredible community support, and lots of third-party packages and integrations. That being said, there are plenty of other good options, including OPNsense and Untangle, to name a couple. So it might not surprise you then that most of my friends and family also run pfSense for their firewall.

So let's talk about a VPN between friends and family. I have countless VPNs up and running, some for remote devices, some for site-to-site connections. I'm only going to discuss two of them today in detail, for brevity and because I thought they were the most interesting. My son, my brother, and I all live here in North Texas. I live in the northern part of a town called Keller, my brother lives in a small town called Kennedale, and my son lives in West Fort Worth. My brother is 23 miles away as the crow flies, or about 37 kilometers, while my son is 14 miles, or 23 kilometers, away.

So let's stop right there. Some of you are already saying: 23 miles? You should just use Ubiquiti airFibers. At that distance you'll get 1.5 gigabits between you. Well, we actually considered doing just this, and that would have been awesome. Unfortunately, it's just not meant to be. If you look at the airFiber planning map, you can see we are blocked at both ends due to terrain between our houses, so no airFibers for us. In fact, the only solution that would fix this would be for us both to install towers at our houses and install the airFibers atop them. However, these towers would have been 246 feet tall. That's 75 meters. I don't think our neighbors or the city would be too happy if we were to do this. So VPN it is, then.

Fortunately, I am in an area where I have symmetrical gigabit service from Frontier Communications. My son's area has AT&T fiber, but he is only willing to spend enough to get symmetrical 300 megabit service. And poor David: where he lives he can only get Spectrum internet at about 90 meg down and 10 meg up. As mentioned previously, I have the Supermicro server as my pfSense box, and my son and David both have my favorite Amazon no-name boxes for pfSense. These boxes are fanless while still being quite powerful. With that all in place, we simply connect the devices using OpenVPN, which is the most popular open-source VPN software on the planet, and it is built into pfSense out of the box.

OK, so that's how we're configured, but what in the world do we do with all these tunnels? Well, you'll recall from my recent home network tour that I have two Synology NAS boxes and two Supermicro 1U servers in my lab. All of this compute and storage can be accessed over the VPN. That means my son and David both have access to all of my Synology file shares and any virtual servers I'm running. Now, Plex sharing of course works over the open internet, but in our case Plex appears to all of our devices as a local service and therefore routes over the VPN. This makes Plex traffic 100% invisible to our ISPs. They can't shape it, throttle it, or block it.

OK, so you'll also remember from my tour video that I run Observium for network and system monitoring. In addition to monitoring all of my own devices, this box collects SNMP across the VPN tunnels for all of my son's and David's devices, tracking uptime, firewall status, bandwidth usage, storage utilization, wireless access points, and much more. Well, except for David's non-enterprise dumb switches. I also run a central syslog server. Remote devices send their log files here for storage for 90 days. This is super handy for times when things go bump in the night. Not only can we look back in the logs to see what happened, we can also correlate logs across devices to see when one device causes something to go wrong on another. For example, if a camera keeps rebooting, it might be due to the switch running out of power-over-Ethernet capacity. Of course, it should also be noted that this VPN works in the opposite direction as well, allowing me to access David's file shares.

Now, some of you who know networking are probably wondering about security with this setup. You might be wondering what happens when David gets some virus or 8-bit malware on his network. Won't that just propagate to me? Well, no. We're not a bunch of boneheads. These OpenVPN links have full firewall policies running on them, and we only allow very specific traffic to cross them. This means that only port 445 is open to my NAS, for example.

OK, so let's talk about some other things that connect to my VPN. I have a remote access VPN in place so that all of my laptops and phones can connect. In fact, I never access public Wi-Fi without my VPN turned on. I also have a VPN to my VPC at Amazon Web Services. This is of course where we host thegeekpub.com and the8bitguy.com. Remember those Observium and syslog servers? Those monitor the health of our servers, so we immediately know if a server is down or if there is something wrong with it.

Well, that about wraps up this video. For those of you who want some more of the technical details of how all this works, I do have a lot of tutorials on thegeekpub.com, so be sure to check those out. Also, some of you have been asking me how R2-D2 is doing. Well, he is doing great, and don't worry, he will be in some future videos. Be sure to leave a comment below and let me know what you'd like to see in the next video. Thanks for watching.
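The cross-device log correlation mentioned in the transcript (a camera that keeps rebooting because a switch ran out of PoE budget) can be sketched as follows. This is an added example, not code from the video or its author; the hostnames, message texts, the year, and the 10-second window are all assumptions, and the log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: classic BSD-syslog (RFC 3164) lines as a central collector
# might store them. Hostnames and message texts are invented for illustration.
SAMPLE_LOG = """\
Mar  3 02:13:58 sw-garage poe[412]: port 7 power denied: PoE budget exceeded
Mar  3 02:14:01 cam-driveway kernel: Booting Linux
Mar  3 02:14:40 nas-lab smbd[880]: connection from 10.8.0.6
Mar  3 02:31:12 sw-garage poe[412]: port 7 power denied: PoE budget exceeded
Mar  3 02:31:14 cam-driveway kernel: Booting Linux
Mar  3 09:05:00 cam-porch kernel: Booting Linux
this line is truncated garbage
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"(?P<tag>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$")

def parse(text, year):
    """Yield (timestamp, host, tag, msg). RFC 3164 carries no year, so the caller supplies it."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole run
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["host"], m["tag"], m["msg"]

def correlate(events, cause_re, effect_re, window_s=10):
    """Pair each effect with the latest cause on a different host within window_s before it.

    Returns (pairs, unexplained); unexplained effects are the ones worth a closer look.
    """
    causes, pairs, unexplained = [], [], []
    window = timedelta(seconds=window_s)
    for ev in sorted(events):  # order by timestamp across all hosts
        ts, host, _tag, msg = ev
        if re.search(cause_re, msg):
            causes.append(ev)
        elif re.search(effect_re, msg):
            near = [c for c in causes
                    if c[1] != host and timedelta(0) <= ts - c[0] <= window]
            if near:
                pairs.append((near[-1], ev))
            else:
                unexplained.append(ev)
    return pairs, unexplained

if __name__ == "__main__":
    pairs, odd = correlate(parse(SAMPLE_LOG, 2024), r"PoE budget exceeded", r"Booting Linux")
    for cause, effect in pairs:
        print(f"{effect[1]} rebooted {(effect[0] - cause[0]).seconds}s after {cause[1]}: {cause[3]}")
    for ev in odd:
        print(f"{ev[1]} rebooted at {ev[0]} with no matching cause")
```

Reboots that land in the unexplained list have no nearby cause on another device and are the ones to investigate by hand.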
