@tinker any thoughts on my VPN question? cheers :)
As above, either scenario #1 or #2, but the question of what ports the VPN provider is blocking at their VPN exit point also concerns me:
a) do I have any control over this?
b) can I set them to match my preferences set on my OS's Firewall?
c) what if 'someone else' wants 443 or another common port number?
I would assume that here the FW port-forwarding rules ARE respected, so Windows Firewall and iptables-based Linux firewalls are placed 'behind' the virtual VPN/NIC adaptor (that is, closer to the user from the perspective of the endpoint) or am I wrong, or does it depend on the specific OS implementation? TRUE/FALSE
Exactly the same 'restrictive' setup as scenario 1 above (so no port-forwarding enabled and UPnP off on the hardware gateway router) but this time I use a paid-for VPN service and establish a connection to a VPN server/exit-node in, say, France.
What exactly happens to my port-forwarding preferences, including the settings I've made on the hardware gateway and on the local Linux/Windows boxes?
Let's say for argument's sake that I block everything from entering my network unless explicitly originating from my local Linux/Windows box, so no 'port-forwarding' enabled and UPnP explicitly disabled on the gateway FW (and presumably the OS too?...).
I can test and verify this works and then slowly enable / open ports as I require for services I want to allow remote incoming connections to, such as web-servers, FTP, Skype, anything I like, etc.
I get this, it seems clear :)
#introductions I'm new, work in InfoSec, enjoy coffee and photography :)