QuickConnect or TeamViewer?

Currently reading
QuickConnect or TeamViewer?

VPN of some flavour with personal domain and LE certificate.

On SRM SSL-VPN/Web VPN can be run on a non-standard, but permitted, port that you know is often open for users to HTTP/HTTPS access behind corporate firewalls. If you are already mapping 80 and 443 then first look to the common proxy ports to see if corporate firewalls allow access to one of these.
 
I get that QC might be slow or a bit flaky, but QC and TV are so much simpler to use and to set up. Since QC traffic is already encrypted and secured with LE certificate, and TV is also encrypted, what is the main reason you lean toward setting up a VPN...
Well simple in my book is one click on my vpn client, connect and that's it. I'm on my LAN. So in my book it's not complicated. But another reason is that I get to choose what my backend connection server is (no 3rd party connections) and another thing is that in some cases you can't use TV (come corporate setups block usage). With VPN I have no problem considering that I can set it up to run via tcp or udp on any port I want.

I get that QC and TV will be a more simple solution for most, but for me, its a better piece of mind. Also, TV adds an additional layer that slows down my experience. When I tunnel in and open up DSM for example in a browser it's much faster and responsive than having a TV session.
 
Last edited:
what is the main reason you lean toward setting up a VPN...
Pros
  • Point A to point B which are both managed by me.
  • There is no third party managing and influencing security at an itermediate point C.
  • There is a possibility of man-in-the-middle exposure with intermediary connections.
  • Don't have to trust the implementation of security operating procedures ... are they independently assessed and audited?
  • There are fewer systems involved to introduce a vulnerability.
  • You choose exactly which VPN / tunnelling variant and level of security you want to use.
Cons
  • Requires direct Internet access to the VPN server, i.e. open ports on the firewall.
  • Intermediate services can utilise the TCP back connection of outbound requests to bridge two endpoints, i.e. doesn't need open ports on the firewall as there is a returning high port open to receive the responses (can't remember if QC does it this way but I think it does).
  • Better than not using any secure access.
  • Potentially is easier to access the NAS/LAN from within a corporate environment

Personally, I run VPN services and also HTTPS reverse proxies. Via VPN you can use VNC/RDP clients to access desktop machines and the rest are web portals (either VPN or r-px). You can setup r-px rules for specific packages and not allow direct Internet to the DSM portal, if you want. This also means I can use SSH but not expose it to the Internet.

Buying a personal domain is cheap and then get a DNS provider that allows it to be dynamically updated, if you're a home ISP customer.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

I finally fixed the error message by doing a clean install of DSM using Reset Mode 2. I'd never done this...
Replies
10
Views
3,586

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top