<waben...@gmail.com> writes: > lee <l...@yagibdah.de> wrote: > >> Rich Freeman <ri...@gentoo.org> writes: >> >> > On Sun, Jan 17, 2016 at 6:38 AM, lee <l...@yagibdah.de> wrote: >> >> Suppose you use a VPN connection. How do does the client >> >> (employee) secure their own network and the machine they're using >> >> to work remotely then? >> > >> > Poorly, most likely. Your data is probably not nearly as important >> > to them as their data is, and most people don't take great care of >> > their own data. >> >> That's not what I meant to ask. Assume you are an employee supposed >> to work from home through a VPN connection: How do you protect your >> LAN? > > Depends on the VPN connection. If you use an OpenVPN client on your PC > then it is sufficient to use a well configured firewall (ufw, iptables > or whatever) on this PC.
The PC would be connected to the LAN, even if only to have an internet connection for the VPN. I can only guess: Wouldn't that require to put this PC behind a firewall that separates it from the LAN to protect the LAN? > If you use a VPN gateway then you could > configure this gateway (or a firewall behind) in a way that it blocks > incoming connections from the VPN tunnel. Hm. I'd prefer to avoid having to run another machine as such a firewall because electricity is way too expensive here. And I don't know if the gateway could be configure in such a way. > IMHO there is no more risk to use a VPN connection than with any other > Internet connection. But it's a double connection, one to the internet, and another one to another network, so you'd have to somehow manage to set up some sort of double protection. Setting up a VPN alone is more than difficult enough already.
