unbroken Posted December 23, 2015 Share Posted December 23, 2015 I'm running an OpenVPN server in a Fedora 21 VM on unRAID 6, and I have two ports (500 and 4500 UDP--both specifically for OpenVPN) being forwarded from my router to the VM. If, somehow, the Fedora VM gets compromised, will unRaid then become susceptible to [remote] attacks? To my understanding, VMs are isolated from the rest of the OS, but my concern here is mainly about the ports being forwarded to my unRAID box while it's acting as the hypervisor. My router has built-in support for OpenVPN as well, but it doesn't performe nearly as well for me on my mobile devices as the instance of OpenVPN I'm running in the VM does. I've also considered running an OpenVPN docker. Is this, more or less, as secure as running it in a full blown VM? I'd like to limit the ports being forwarded to my unRAID box as much as possible but still have remote access to my LAN/SMB shares/unMENU (is this the official name for unRAID's webGUI? I've seen it mentioned a few times in the forums.) Any advice would be greatly appreciated. Quote Link to comment
CHBMB Posted December 23, 2015 Share Posted December 23, 2015 In my mind, if someone has access to your VPN they then have as much access to your LAN as they would if they were sitting in your lounge with a Cat6 cable plugged directly into your router, regardless of where the VPN is located or how it's set up.. Quote Link to comment
gundamguy Posted December 23, 2015 Share Posted December 23, 2015 I'm running an OpenVPN server in a Fedora 21 VM on unRAID 6, and I have two ports (500 and 4500 UDP--both specifically for OpenVPN) being forwarded from my router to the VM. If, somehow, the Fedora VM gets compromised, will unRaid then become susceptible to [remote] attacks? To my understanding, VMs are isolated from the rest of the OS, but my concern here is mainly about the ports being forwarded to my unRAID box while it's acting as the hypervisor. My router has built-in support for OpenVPN as well, but it doesn't performe nearly as well for me on my mobile devices as the instance of OpenVPN I'm running in the VM does. I've also considered running an OpenVPN docker. Is this, more or less, as secure as running it in a full blown VM? I'd like to limit the ports being forwarded to my unRAID box as much as possible but still have remote access to my LAN/SMB shares/unMENU (is this the official name for unRAID's webGUI? I've seen it mentioned a few times in the forums.) Any advice would be greatly appreciated. See CHBMB's answer + Would an OpenVPN docker help. No, it would have the same security concerns... more or less. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.