SG5100 + Protonvpn + NIDS/DPI
-
Hi, sorry for a basic question, I have been out of the recent network protection for a while.
My goal is to protect my home office traffic and increase privacy.
The idea was to use ProtonVPN (OpenVPN), also it sadly caps at 100 Mbps, where my broadband is 1 Gbps.
Does it make sense to add NIDS/DPI like Snort? I am not sure how it will be able to look inside of the IPSEC traffic.
Are those things mutually exclusive?
Would be interested to hear how others are using SG5100/protect their home networks.
Thanks
-
They are not exclusive, you can run Snort (or Suricata) in combination with a VPN WAN.
If it's IPSec you can't run it on the tunnel directly, but for home/SOHO use you would probably want to run it on the LAN interface anyway. That gives much better visibility as you can see internal private IPs.
Steve
-
Thank you for the prompt response!
I am a bit reluctant regarding sending the traffic via VPN due to the performance downgrade, only 100 Mbps. Setting up my own proxy seems to be overkill for a home office setup, maybe a cloud proxy.
How is the community utilizing Netgate products in consumer space?
-
I assume you mean the VPN provider is capped at 100Mbps? The SG-5100 should be capable of far more than that.
Steve
-
It is VPN capping for sure, I wonder how to overcome this limitation without losing privacy and security.
-
Use a different VPN provider?
Use multiple VPN connections and load-balance them? That would require routed IPSec or OpenVPN.
-
@paulch7780 said in SG5100 + Protonvpn + NIDS/DPI:
It is VPN capping for sure, I wonder how to overcome this limitation without losing privacy and security.
Which plan do you have? Are you connecting to the Secure Core servers? When I used them, the Secure Core servers were extremely limiting.
-
I tried the Plus package for a week. 100 Mbps seems to be the average, also if you compare to other providers like NordVPN, etc. I think I'll need to give up the idea of using the VPN for all traffic and maybe just use a reliable and privacy-aware DNS service for the start. What is the recommendation there - is anyone using 1.1.1.1/Cloudflare instead of the ISP's DNS settings?
-
I'm suggesting you use the standard servers instead of Secure Core. Nord? Yuck, stick with Proton.
I've used alternate DNS servers for over a decade.