Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - zante

Pages1
#1
General Discussion / Re: Newbie question regarding topology and config for VPN gateway
October 25, 2020, 04:25:25 PM
Quote from: Gauss23 on October 25, 2020, 03:55:22 PM
If you want to use your router as dhcp server you need to leave it in ,,Wireless Router Mode" according to this Synology site: https://www.synology.com/en-global/knowledgebase/SRM/help/SRM/NetworkCenter/operation_modes

But in this mode the router is using NAT. Seems to be not possible to disable it. So you would introduce double NAT to your network.
The order of devices would be like you suggested in the beginning.

Definitely not the most optimal solution.

With that being said then, other than by using a device running OpnSense, how else would I be able to crunch the VPN workload in such a way that its not limited by the hardware on the router and doesn't put me in double NAT?

That is the question I'm asking, for all intents and purposes.
#2
General Discussion / Re: Newbie question regarding topology and config for VPN gateway
October 25, 2020, 03:09:08 PM
Thanks for your reply and patience with me.


  • I don't want the OpnSense to do any DHCP stuff because I'm entirely happy with the UX on my Synology rt2600ac. That's what I mean by not wishing it to function as a router and only as a dumb OpenVPN crunching client machine
  • If your suggestion allows non-wired connections to go via the NUC before leaving the LAN, then yes, it sounds like that would be the better option.

In effect, are you suggesting the following topology?

[Modem] ==> [Router] ==> [NUC with OpnSense] ==> [LAN Devices]

Wherein all outbound traffic from the network has to go via:

[LAN Devices] ==> [Router] ==> [NUC] ==> [Router] ==> [Modem]

I'm just trying to understand your proposal and I happily betray my ignorance when it comes to this sort of thing.
#3
General Discussion / Newbie question regarding topology and config for VPN gateway
October 25, 2020, 01:12:01 PM
I'm still new to this so here goes - I'm trying to leverage the CPU power in a NUC, that remains unused, to offload OpenVPN processing from my router.

My proposed topology looks like the below:

[Modem] ==> [NUC with OpnSense] ==> [Router] ==> [LAN Devices]

Simply put, I need the NUC to act as a VPN gateway (to a service like Nord/ExpressVPN) in order to ensure all clients on the network benefit from the encryption.


  • I do not want the NUC to act as a router
  • I'd like to avoid double NAT if possible

If this is possible, and I understand that I wouldn't be utilising 90% of what OpnSense does, how would I configure OpnSense to harmonize with the above?

Thanks for any suggestions/answers.
Pages1