Security solution tailored for unique requirements
So here it comes again—something about setting up a firewall or router software. I’m after a solution that lets remote users join a VPN so they can reach the resources on my server. It should act like a DIY alternative to Hamachi, but not too complicated. Basically, I want a tool I can drop into a VM on my server that does these things:
- Users connect via Windows built-in VPN (no exceptions—end users are just basic folks).
- All connected users stay isolated; they can’t ping each other or communicate directly.
- The same VM needs a way to forward ports, either by allowing or blocking specific IPs and ports.
- Everything should fit in a single VM with under 1GB RAM.
From what I’ve seen (professionally):
- Things I don’t need: top-tier security for the VPN itself.
- Things I do need: strong public-network compatibility, enterprise-level features, good history.
- What matters to me: simple setup and configuration, easy-to-use interfaces for both setting up rules and managing them.
- I want minimal resource use—ideally just one VM running everything.
What I’ve tried before didn’t work because:
- pfSense’s VPN setup is messy, even with strict guides.
- OPNsense has a confusing interface.
- IPFire’s web UI is worse than D-Link.
- Linux firewalls are powerful but hard to configure for this use case.
I need something that is user-friendly, works smoothly on Windows clients, and gives me clear control over port access without getting bogged down in complexity.
You'd need to begin at the most basic layer, such as the local area network, and then create a virtual network with a dedicated VPN server for every user. It's a bit tricky but can be approached in these kinds of scenarios.
The choice of using a VPN often depends on the specific service being accessed. It's unclear why one might think a VPN simplifies setup compared to port forwarding.
Since I frequently ride my bike through game servers, many lack good password systems or let you stay hidden from the in-game list. It’s worth noting that every hour I invest in setting this up can pay off after just 2–3 changes of passwords or adding a whitelist for any server.
Unfortunately, the Windows VPN setup is essential since some end users refuse to install anything. Regarding the router side, my primary router functions as a VPN device, but its implementation has certain constraints that render it unsuitable for this purpose.