Security issues

[dolbyman]

pptp is flawed and easily breachable..so make sure you never use it in a public location (public wifi)

[spile]

Another question, since the PI contains a lot of services, you have to back it up because I'm sure you trust it in running your network.
How do you back it up, or what will you do if it crashes?
I also mean recovery time.

I have a backup of the SD card but this has nothing to do with “trust” or “services”.
In 12 months of 24/7 operation it has not crashed.
I am not understanding the direction you are attempting to take this dialogue.

[boubi]

pptp is flawed and easily breachable..so make sure you never use it in a public location (public wifi)

Sure. It was just a test.

[boubi]

Another question, since the PI contains a lot of services, you have to back it up because I'm sure you trust it in running your network.
How do you back it up, or what will you do if it crashes?
I also mean recovery time.

I have a backup of the SD card but this has nothing to do with “trust” or “services”.
In 12 months of 24/7 operation it has not crashed.
I am not understanding the direction you are attempting to take this dialogue.

First, thank you for your time.

English is not my native language, but I was just trying to find basic information that I was missing on certain topics.
I bought a nas for home use, I saw that it has a lot of other uses and I like to check things out even though I do not have a lot of free time and for that I need to spend a lot of time.
So we started with a VPN login, a recommendation not to use NAS even though it exists there.
I connect to the Raspberry Pi issue but beyond the financial outlay and time I need to invest, I try to think ahead about system backup.
I will give you an example:
I installed Adguard after failing to work with Pihole.
I set up everything I saw in the manuals, after a few days power outage and no internet at home.
I'm at work, kids at home without Netflix, my wife can not work ...
I logged in and saw that the Adguard did not go up.
I connected to the router and changed the DNS to something other than the Adguard and everything worked again.
So before I get into the adventure of a new toy (PI), I try to understand from someone who recommends working with PI what the consequences are and how to minimize damage.

[Moogle Stiltzkin]

If your router doesn’t support a vpn server (many do not) you may want to consider a Raspberry Pi and Wireguard combination. Google Pivpn

The thing with the Raspberry Pi is that it probably requires a few hours of learning and tinkering with it.

That is true and is also the case for some aspects of NAS usage and carrying out a risk assessment for example. Only you can decide if that investment in time is worth it. However the Raspberry Pi model works for me because of the price point and flexibility of being able to run other services without changing my router or adding to the load on my NAS.
Aka YMMV.

i found a video tutorial here for how to setup and use the pivpn
https://www.youtube.com/watch?v=zsN47t2r_WU

https://www.youtube.com/watch?v=BpJCAafw2qE


my question though is, is it safe to user? is it less secure compare to running vpn server from the router instead?

also any tips for setting up the dyndns ? because i have a dynamic ip, so having to change the ip to match all the time is just a bit too tedious for me. so how do i go about setting up the dyndns? any tips ?


oo and seems you can also run pihole at the same time on the same device. and during pivpn setup it will even ask if you want to use the pihole for your dns

[spile]

I have seen no evidence that using a third party appliance carries more risk than using a router to host a vpn server. It does however give me more flexibility and means that my router carries out it’s fundamental role rather than also acting as a server. I also feel the same about combination routers and wireless access points. If I need to improve my wireless infrastructure, I won’t look to the router to do that.
I gravitate toward separate devices and that includes audio equipment. That however is a different topic.

[spile]

As for resources and help guide as well as YouTube, I also referred to...
https://www.pivpn.io/
https://snikt.net/blog/2020/01/29/build ... as-server/
https://spin.atomicobject.com/2019/04/0 ... pberry-pi/
https://github.com/pivpn/pivpn/wiki/FAQ
https://www.thomas-krenn.com/en/wiki/WireGuard_Basics
https://www.sigmdel.ca/michel/ha/wiregu ... %2Fsources.

You have an inexpensive but powerful device with a great active support network that you can configure without touching your router or your NAS. I like the fact that I am not going to be doing anything that could affect my broadband connectivity or the performance of my NAS.

[boubi]

@Moogle Stiltzkin
I ordered Pi4-4gb, soon I will get it.
going to try install on it, VPN, Pihole, nginx - the dyndns i leave on the Qnap.

[spile]

of course. I do decide what to do with the NAS, but there are a lot of talented people who give good advice on things that are less important to me, or that I have not emphasized because I do not know them.
This is where the forum comes into play.
Another question, since the PI contains a lot of services, you have to back it up because I'm sure you trust it in running your network.
How do you back it up, or what will you do if it crashes?
I also mean recovery time.

You have already asked me this question so I will refer you to my previous answers.

[spile]

@Moogle Stiltzkin
I ordered Pi4-4gb, soon I will get it.
the dyndns i leave on the Qnap.

If you have web hosting that runs Cpanel, you can run a dns updater on the RPi.
No reliance on Noip, duck dns etc or Qnap