More information about the Underscore mailing list

[_] New router with VPN

Oliver Humpage oliver at watershed.co.uk
Tue May 7 15:28:52 BST 2019

> I work abroad / away from home and I'd love to be able to VPN in and
> access my local network. I'll be using my Mac / iPad on the VPN so
> ideally I'd like it to be something other than OpenVPN that works with
> OS VPN controls.

In-built VPNs on iOS/macOS are either PPTP, which isn’t amazingly secure and should be considered obsolete, or L2TP/IPSEC, which is a PITA to set up. Also allowing random remote IPs on L2TP involves using aggressive mode for negotiations, which again opens up potential security issues, although you can mitigate them with a really strong pre-shared key.

OpenVPN works fine via the iOS app (which hooks into the main iOS VPN control so you can turn off/on in general settings) or via TunnelBlick on the Mac. Nice fine-grained control over routing and DNS, decently secure, never had an issue with it. I wouldn’t discount it before trying it.

I’ve found firewalls in random places slightly more likely to block L2TP/IPSEC traffic, so it may be worth having both anyway - or find some kind of SSL VPN setup - so you have a fallback.

Oliver.