Want to Setup a Home VPN

[BraveSirRobbin]

To add further complexity to this, I downloaded a HeartBleed app and found this result on my phone.
 

 
I do want to try pfSense on my wife's PC now that I built her a new one (and when I get some free time).  Just have to make sure I restored 'all' her apps and data before wiping out her hard drive (yes, all backed up, but might have to quickly run an app).
 

 

[Photon]

BSR, this might be a good time to replace the HDD on the repurposed PC.  It could be months before she discovers some important file didn't migrate to her new PC.  Even if you are just using her old PC as a trial, the WAF could have a huge impact.  Besides, a cheap recertified HDD can get you through your trial period. 

 

[tmbrown97]

Or I take one from Electron's book here - I will usually replace the hard drive and keep the old one in my stack somewhere; but I usually will P2V the drive using VMware converter so I can also run the VM on the new computer using Virtualbox or similar.  I just had to fire up a 3yr old image a few days ago to dig something up.

 

[BraveSirRobbin]

Good ideas.  Will keep the hard drive on the shelf as I have something I can use around here most likely.

 

[pete_c]

Here I configured wife's desktop with a share on the NAS plus leave a USB stick plugged in to her desktop.  (my documents stuff)
 
That said I keep a basic configured image of her desktop for failover if something happens.  Stock build with MS office installed only; nothing else.
 
Smallest wintel footprint image compressed that I could fit.  IE: keep the OS partition to some 20 Gb or less.  Rest of the drive isn't really ever used.

 

[video321]

To add further complexity to this, I downloaded a HeartBleed app and found this result on my phone.
 

heartbleed.jpg
 
I do want to try pfSense on my wife's PC now that I built her a new one (and when I get some free time).  Just have to make sure I restored 'all' her apps and data before wiping out her hard drive (yes, all backed up, but might have to quickly run an app).

 
I'm currently affected by this on my server.... yeah, I know!
I created my certs with an older non-affected version, but my pfSense box is using a compromised version to authenticate. I've been putting it off for more pressing tasks around the house since I'm using TLS for verification and everything I've read points to if an attacker doesn't have the TLS key the backdoor won't work. I'm also not sure if the fact that I have user authentication on top of that keeps me protected as well. In any case I hope to be able to upgrade tonight.

 

[batwater]

One reason I did not want to 'roll my own' is mainly because I know ZERO Linux (there I admitted it, whew, glad I got that off my chest)!
 
Again, maybe it's something I should look into, though I'm just to busy with life to take on a science project at this moment.
 
I guess there is really no DIY solution that will not involve some digging and testing.  Problem is, where to start for my simple needs. 
 
I do like the idea of just putting Open BSD on a computer, load pfSense, and start there; but, I'm not sure what to even download!
 
I guess I'm going to be into some bucks to get something like SonicWall if I don't want to put in the research, or, go cheaper and put in the development time.

 
BSR I'm running an Asus Black Diamond RT-N66U router running AsusWRT-Merlin firmware, here that has OpenVPN built in.  Asus liked what Merlin did so much that they added OpenVPN into their stock firmware.  AsusWRT-Merlin firmware is "nearly stock" with some improvements but the developer kept it simple simply trying to improve on the stock Asus firmware.  Firmware is available for all of the Black Diamond series of routers. You have a choice of either factory stock or very easy to install high quality 3rd party firmware, no Linux skills required.  Also, the dev has indicated that the OpenVPN stack is not susceptible to the Heartbleed vulnerability in the OpenSSL stack.
 
I have multiple android devices connecting to my VPN enabled router. I have on my to-do list configuring Tasker to automatically start the VPN session when I run certain applications on my android devices (high WAF / Family happiness, no extra steps   ). For now I initiate the connection manually using OpenVPN Client. I bought the paid version to contribute to the author and get Tasker & other features, works very well and does not require root to run on Android 4.0+.  You can trial with the free version here.
 
As Pete mentioned, there are many solutions.  What I'm not certain about is whether you will be able to get away with not installing software on the client side.  I have not researched a USB bootable or "zero-footprint" install of OpenVPN.
 
-Ben