

philA

@31.193.3.x

VPN security

Hi All,

I've started using a 'consumer' VPN to access the internet and am considering setting the VPN client up on my DD-WRT router so that my whole home network could benefit from the VPN connection.

However, I am not sure how advisable this setup is with regards to security. If my home network is connected to the internet via a consumer VPN (such as hidemyass etc.) then I assume I will be bypassing the firewall on my router. So does that leave my network vulnerable to the security policies put in place by my VPN provider?

I can see that if I use a VPN to connect two trusted sources then all is OK, however if one end of the VPN is untrusted (I don't know if my VPN provider has a firewall in place) could the other end be compromised?

Obviously all home networked computers connected with a firewall installed should be OK, but what about my network storage devices?

I hope that makes sense!

Thanks
Phil

HELLFIRE

join:2009-11-25
kudos:4

The VPN connection from your LAN devices to hidemyass is only encrypted but doesn't 'bypass' your
firewall -- so if you're not signed into hidemyass, your firewall's still protecting you.

Or are you looking to set up a permanent tunnel from your DD-WRT router to hidemyass?

Regards



PhilA

@bethere.co.uk

Thanks Hellfire, but that's not really what I meant. If I'm connecting to hidemyass from my laptop the secure connection is between my laptop and hidemyass's (sp?) servers, which is fine as I have a firewall on my laptop which should prevent any unwanted activity. There is a built-in firewall in my (bog standard) router, but in this situation I would assume that it would be useless as the internet traffic is encrypted as it passes through the router (I assume that is correct).

I have recently got a DD-WRT router so I was considering setting up a permanent tunnel from this to hidemyass - so all networked devices could benefit from the VPN. However my fear is that this may lead to my home network being open to the internet as there would be no firewall between my network and the VPN. Does that make sense? If I'm right in what I say, would that mean that my home network is essentially connected to the internet without a firewall?

Cheers
Phil


bdnhsv

join:2012-01-20
Huntsville, AL

Is your goal to allow remote users to connect to your VPN so that they are protected by the security you have in place on your home network? Or is your goal to tunnel past your ISP to some other endpoint (hidemyass or whomever)? If it's the latter then can you please explain a little as to why?



PhilA

@bethere.co.uk

My goal is to tunnel past my ISP which has recently enforced a strict bandwidth throttling policy on all of its products. I have a 21Mbps DSL connection and don't appreciate my bandwidth being so restricted that video streaming is near impossible!

So at the moment I am using the VPN to access the internet through a commercial VPN provider; this increases my download speed considerably. I am happy to continue doing this on my PC, which has its own firewall installed so I am happy that it is safe in this situation, but if I have the VPN tunnel coming from the VPN provider's servers terminating in my router I am not sure if my home network will be secure as I don't know if the router's firewall will have been bypassed by the VPN tunnel or not. The reason I am considering terminating the VPN tunnel at the router is so that other devices on my network can benefit from the unrestricted VPN connection.

Thanks again,

Phil


bdnhsv

join:2012-01-20
Huntsville, AL

You should be ok presuming your router will support this config. You're creating a secure tunnel between your router and HMA. All your traffic (in and out) will go through HMA.



PhilA

@bethere.co.uk

What I am concerned about is if there is no firewall between the internet and HMA then my VPN tunnel will be open to the unrestricted internet at their end (anything on my PC can get out and anything outside can get in).

If the VPN bypasses the firewall on my end due to encryption, does that mean there is no firewall protecting my network?

I'm sorry if I'm not making myself clear!


bdnhsv

join:2012-01-20
Huntsville, AL

Again presuming your router will support being configured as 1 of the 2 endpoints. It's a tunnel - ALL your traffic will be in the tunnel (in or out). There won't be other traffic outside the tunnel (unless you set up a split tunnel, but that's not what you have indicated). You'd just need to keep the tunnel up 24/7, and you'd be fine. If you ever brought the tunnel down and then passed some traffic from your local network then security would revert to however you had that router/firewall set up.


bdnhsv

join:2012-01-20
Huntsville, AL

As for what HMA has - you'd have to ask them, but you are going to get traffic from the internet at some point. I think what they really claim to offer is proxy service so as to "anonymize" your service.



PhilA

@bethere.co.uk

Also I'm not really fussed on anonymising my service, all I really want to do is bypass my ISP's throttling. So as far as I am concerned:

I am accessing the internet through HMA

There is a secure connection between HMA and my network

I am concerned the secure internet connection may bypass my network's firewall

So is this the equivalent of having a computer with no firewall accessing the internet via HMA; is my network at risk to attacks from the internet?

I appreciate your help!


bdnhsv

join:2012-01-20
Huntsville, AL

Yes, this is as if you are sitting in the HMA office and accessing the internet. As long as the tunnel is active you are relying on HMA for their security as opposed to your router (caveat for anything you have on individual PCs as personal firewalls, etc.). You are "moving" the endpoint from your router to HMA.



PhilA

@bethere.co.uk

reply to bdnhsv
I know what is in the tunnel is secure between the two end points, but surely I have no control over what enters / leaves it at the HMA end.

Therefore, if the VPN tunnel bypasses my firewall in the router at home is this more or less the same (security wise) as having my PC connected to the internet without a firewall to protect it?


bdnhsv

join:2012-01-20
Huntsville, AL

It's having your PC connected to the Internet using HMA's firewall - whatever that might be. Call or email HMA and ask them what security they provide (and compare that to what you have or want).



PhilA

@bethere.co.uk

Thanks for the help!


HELLFIRE

join:2009-11-25
kudos:4

reply to philA

said by PhilA :

...so I was considering setting up a permanent tunnel from this to hidemyass - so all networked devices could benefit from the VPN. However my fear is that this may lead to my home network being open to the internet...

There'll be a tunnel between you and hidemyass, but it doesn't mean anyone
can waltz in and hack your home LAN for the following reasons:
- the VPN between you and hidemyass still has to respect your router's firewall,
i.e. traffic has to be initiated BY YOU to hidemyass

- the VPN itself is authenticated between you and hidemyass only. That, by
definition, is a VPN.

- now there is the possibility of someone on hidemyass' end coming to you,
so I'd still take your basic computer precautions on your end.

But no, there is NO risk of your home network being open to the internet
with this setup.

Regards
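
Whether a router-terminated tunnel is covered by the router's firewall comes down to whether the filter rules apply to the tunnel interface. The following is an added example, not posted by anyone in this thread, that audits `iptables -S` output for that; the interface names `tun0` and `br0`, the function names and both rule sets are constructed assumptions, and only the built-in ACCEPT, DROP and REJECT targets are evaluated.

```shell
# Added example. audit_tunnel IFACE reads `iptables -S` output on stdin and
# prints "<chain> open|filtered" for INPUT and FORWARD: are NEW (unsolicited)
# connections arriving on IFACE let through? Coarse: rules with -p/-s/-d or
# negation are skipped, -o is ignored, user-defined chains are not followed.
audit_tunnel() {
    awk -v ifc="${1:-tun0}" '
    $1 == "-P" { policy[$2] = $3 }
    $1 == "-A" && ($2 == "INPUT" || $2 == "FORWARD") && !($2 in verdict) {
        # A rule with no state match also applies to NEW connections.
        iface = ""; target = ""; narrow = 0; states = "NEW"
        for (i = 3; i < NF; i++) {
            if ($i == "-i") iface = $(i + 1)
            if ($i == "-j") target = $(i + 1)
            if ($i == "--state" || $i == "--ctstate") states = $(i + 1)
            if ($i == "-p" || $i == "-s" || $i == "-d" || $i == "!") narrow = 1
        }
        if (narrow || (iface != "" && iface != ifc)) next
        if (states !~ /(^|,)NEW(,|$)/) next
        if (target == "ACCEPT") verdict[$2] = "open"
        if (target == "DROP" || target == "REJECT") verdict[$2] = "filtered"
    }
    END {
        n = split("INPUT FORWARD", chains, " ")
        for (c = 1; c <= n; c++) {
            ch = chains[c]           # no deciding rule: use the chain policy
            if (!(ch in verdict)) verdict[ch] = (policy[ch] == "DROP") ? "filtered" : "open"
            print ch, verdict[ch]
        }
    }'
}

# Constructed rule set: tunnel interface (assumed tun0) accepted wholesale.
sample_open() { cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A FORWARD -i tun0 -o br0 -j ACCEPT
EOF
}
# Constructed rule set: only replies come back in from the tunnel.
sample_hardened() { cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o tun0 -j ACCEPT
-A FORWARD -i tun0 -o br0 -m state --state NEW -j DROP
EOF
}
```

On a router whose iptables supports `-S`, run `iptables -S | audit_tunnel tun0`, substituting the interface name the VPN client actually creates.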

Monday, 04-Jun 08:41:50 © 1999-2012 dslreports.com.