I've got a NAS at home and want to access the files, pictures etc remotely. The NAS has VPN Server (L2TP/IPSec and OpenVPN) functionality and I was planing on using this and enabling port forwarding on the router.
I wanted to check if there is any value in having a separate device as a VPN server, maybe RaspberryPI? or if I should get a Router with VPN server capability? It's a QNAP NAS if that makes any difference.
thanks.
Answer
Summary:
- Best option would be a router with VPN capability (but $$)
- Next get the QNAS to act as VPN (because its free)
- Getting a PI or similar would be least beneficial. (because its complex and not going to perform much better then option 2, and worse then option 1 if its a decent router)
Long version:
Getting a router with VPN server capability is the best way to go from a technical POV because it simplifies routing, offers the VPN service at the point where its most beneficial - the edge of the network - and allows additional functionality to access other parts of your LAN securely. This is the way I would do it. It can also offload the VPN task from the QNAS VPN, but this is not likely to significantly impact performance.
Probably not worth getting a PI (as opposed to having the NAS do the heavy lifting). Having a VPN device like a PI is going to make the routing significantly more complex, and the only benefit would be to reduce the CPU load. Assuming you are using the NAS box primarily as a NAS (ie not focused on other bells and whistles functions it may have), it should not be an issue because a NAS is typically IO bound, and VPN's would be utilise processor.
I also note that most modern CPU's (including those in many QNAP devices) have AES instructions - if your NAS does have a processor with support for AES, and OpenVPN uses it - which it probably will - then it would not even use that much processor.
No comments:
Post a Comment