[CALUG] CALUG Digest, Vol 147, Issue 1

Chuck Frain chuck at chuckfrain.net
Tue Apr 23 21:01:58 EDT 2019


In my setup, I haven't had any issues streaming where I made particular
changes to make it work well. I've never used the Untangle firewalls, but
from talking with people over time, there is typically some tweaking that
needs to be done out of the box. Have you done any of that troubleshooting
and testing of settings?

 On the PiHole/Adblocking, are you using any customized lists with
Untangle? I've found the out of the box experience with such devices is
very basic. The companies want you to see a difference so they can say the
product is effective. But they don't go too aggressive for situations like
your family (and much of the population if we're being honest) who are not
too knowledgeable in this area. Aggressive blocking can lead to blocking
'good' sites as well (advice from personal experience).

As far as the VPN between the three houses, what is your end goal? Are you
planning to host various services that your family will access at you home?
If its only DNS/PiHole stuff, I would do something different than a site to
site VPN. A site-to-site VPN will require routing exceptions for streaming
services, gaming, and other heavy traffic services since you don't want all
that going through one point of failure.

If it is just to manage DNS and get a foothold to manage their networks, I
would set up a Pi for each location. Install PiHole (if customizing
untangle doesn't enhance the ad blocking enought) and an OpenVPN server on
it (if Untangle doesn't provide one) so you can connect when needed. Even
having both services on the Pi, you'll have plenty of compute power.

Hope this helps clarify things a bit. let us know if you have more
questions.

On Tue, Apr 23, 2019 at 5:31 PM B Spiker (gmail) <bs20707 at gmail.com> wrote:

> So in your setup. How does it handle streaming like netflix, apple tv,
> rook, etc?  I gave my brother an untangle FW and he claims that it brought
> his streaming service to an unable speed.
>
> My goal if I could do something like that was to setup a VPN between three
> houses (family who are not tech savvy) and admin all services for them. All
> of them have their own streaming and favorites of course.
>
> The PiHole has me interested as well. I’m using an untangle u50xw which is
> doing basic DNS for me now, but their ad-block is ok, bt not the best. LOTS
> still gets through, thank you google and amazon.
>
>
>
> On Apr 23, 2019, at 5:13 PM, Chuck Frain <chuck at chuckfrain.net> wrote:
>
> So my part in this conversation was the VPN back home to take advantage of
> the PiHole ad blocking (and the rest of my network).
>
> I use an OpenVPN server at home as a part of my router and have clients on
> most every device I have. We connect back home and all of my DNS traffic
> goes through the PiHole DNS server at home to block most ads and [known]
> bad sites. Plus my traffic all appears to be originating from my home.
>
> One of my devices is [an older version of the current] GL.iNet
> GL-AR300M16-Ext Mini Travel Router. They run just under $40 at most of the
> online places. It runs OpenWrt out of the box and I can flash it with a
> fresh ROM if/as needed. I have this device configured as an OpenVPN client
> back to my home. When I travel I'll set this to access the guest wifi/wired
> network in the hotel. I go back to a tablet/laptop to authenticate against
> the captive portal. Once on the internet I can then establish a VPN
> connection back home. The devices in the room then connect via the router
> to share the hotel connection over VPN.
>
> There are different brands of travel routers and features. What you get
> will depend on your needs. My router is powerful enough for the two of us
> to both be on VPNs to work and stream Netflix or similar (when the hotel
> connection is not a bottleneck. Just make sure that whatever you get has
> the ability to connect to the guest wifi where you're at and act as a
> wireless router at the same time.
>
> On Mon, Apr 22, 2019 at 11:24 PM Thomas Delrue <thomas at epistulae.net>
> wrote:
>
>> On 4/22/19 10:01 AM, B Spiker (gmail) wrote:
>> > At the last meeting there were interesting discussions (for me) DNS
>> > and ad blockers. I would like to have more discussions on home use
>> > and how to protect remote family members. The one gentleman was going
>> > to create a family VPN network if I recall and protect all from
>> > central location.
>> The DNS solution called IvyDNS was mine but there was discussion about
>> PiHole as well.
>>
>> I think the solution that 'phones home and sets up a VPN' that you are
>> thinking of was the Chuck's set up.
>>
>> Speaking of which, Chuck, what is the device that you use called again?
>>
>> _______________________________________________
>> CALUG mailing list
>> CALUG at unknownlamer.org
>> http://lists.unknownlamer.org/listinfo/calug
>>
>
>
> --
> Chuck Frain
> GPG Key: B2420431
> http://www.chuckfrain.net
>
>
>

-- 
Chuck Frain
GPG Key: B2420431
http://www.chuckfrain.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.unknownlamer.org/pipermail/calug/attachments/20190423/7af0f4fe/attachment-0001.html>


More information about the CALUG mailing list