@voltronic I would like to know what you think about ProtonVPN. I always use them.

@ketchup9080
I used the free version briefly when it was first released, but you can't judge based on that.

I believe @corlin is a happy customer of the full paid version.

@voltronic @ketchup9080

I am very happy with the paid version.
Yes, slightly slower speeds at the most secure levels.
Yet much more control, and much greater security.
Clients work well on Mac, and Linux.
(I don't do Windows)
Really good documentation.

All around the best VPN you can get!

@corlin @voltronic I'm a paid customer too, and nice.
That's the only VPN I'm using.

@corlin
Have you tried it network-wide, running it on your gateway? (Less convenient to deactivate, I know.)

@ketchup9080

@voltronic @ketchup9080

Yep.
One test only.

I have a big network. Over 45 devices. Seemed to work fine....
But I need to do more tests, under stress.

But it looks like I might be adding it to the main network.

Right now, using client side, everyone is happy. So I might leave it at that.

@corlin @voltronic @ketchup9080

<puts on network design hat>

one option would be to adjust the network topology in such a way that anything connecting to network X (either via dedicated WiFi SSID or wired VLAN) gets gateway based VPN...everything else is direct to internet (where you'd still have the option to do client-based VPN)

several ways to accomplish that...some logical config only, some additional hardware based

@opie @voltronic @ketchup9080

Wow great idea!

Some time in the next year I am completely redoing my main network,
Some new hardware, and definitely new software, along with a total redesign. So I will add this to the stack of notes to research.

This network came to be ad-hoc, with security as an add-on.
I am going to fix that, by starting with security first, built into the design.

@corlin
Please blog the new build so we can live vicariously through you. 😉

@opie @ketchup9080

@corlin

feel free to ping me if you want any of my seemingly endless thoughts on stuff like this...a lot of it depends on the capabilities of the devices in use...

all my WiFi APs support SSID-to-VLAN mapping, so all SSIDs are mapped to separate VLANs, the APs connect to the main firewall via 802.1q trunks, and the main firewall supports multiple isolated routing tables (VRFs)...so I can create *very* complex topologies solely via logical config

// @voltronic @ketchup9080

@opie @voltronic @ketchup9080

Ok Thanks.

This is why new hardware is going to be needed.
I want to "future-proof" this, so I can do all kinds of things just with configs. VRFs are a big part of this.

I will let you all know as it comes together.
