Does anyone know if there is an update for this problem

I use the latest firmware on my Qnap TS-219P+
jpeeters19 wrote:I read at this forum that Qnap uses an decade old library version of SSL and the Open VPN option is therefore not secure?
Does anyone know if there is an update for this problem![]()
I use the latest firmware on my Qnap TS-219P+
jpeeters19 wrote:Hi Patrick,
Thanks, but how unsafe is this? Is it very easy for hackers to abuse this leak?
It's not - you can add a route to the complete LAN for example, too.danimal1228 wrote:I was unaware that the qnap implementation of VPN was point to point only.
this is not a feature of the RPI - this is simply a different configuration, using a different design.danimal1228 wrote:I have been using a raspberry pi as VPN server for several months and it works great. Once you VPN into the RPI, you have access to the whole network.
Of course. QNAP votes against this, and towards a much easier implementation. And I'm kind of happy about it. Why?danimal1228 wrote:You can even allocate a subset of private IPs to be handed out to the incoming VPN connection.
danimal1228 wrote:I was unaware that the qnap implementation of VPN was point to point only. I have been using a raspberry pi as VPN server for several months and it works great. Once you VPN into the RPI, you have access to the whole network. You can even allocate a subset of private IPs to be handed out to the incoming VPN connection. This way you specifically allow or deny access to different devices on your LAN by blocking or allowing those IPs on each device. For only $40 you get a lot of bang for your buck.
danimal1228 wrote:I was unaware that the qnap implementation of VPN was point to point only.
schumaku wrote:It's not - you can add a route to the complete LAN for example, too.
danimal1228 wrote:I have been using a raspberry pi as VPN server for several months and it works great. Once you VPN into the RPI, you have access to the whole network.
schumaku wrote: this is not a feature of the RPI - this is simply a different configuration, using a different design.
danimal1228 wrote:You can even allocate a subset of private IPs to be handed out to the incoming VPN connection.
schumaku wrote:Of course. QNAP votes against this, and towards a much easier implementation. And I'm kind of happy about it. Why?
-> It's not fun to deal with inexperienced NAS users out there and explain they have to free up an IP range for the OpenVPN. Oh, and another one for the PPTP VPN.
-> Unless you do a lot of filtering, you get a lot of TCP/IP traffic to the VPN, you don't need and want there.