How safe is it to open port 1194 on my router? (Docker, PiVPN)

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
openvpnuser222
OpenVpn Newbie
Posts: 2
Joined: Thu Sep 29, 2022 12:39 pm

How safe is it to open port 1194 on my router? (Docker, PiVPN)

Post by openvpnuser222 » Thu Sep 29, 2022 12:54 pm

Hello there,

I installed OMV6 on my Raspberry Pi a few days ago with a Docker. On the Docker I then installed OpenVPN, which also runs constantly.
I have so far completed all the necessary configurations and enabled the port 1194 UDP on my home router, the router is a normal and not a professional.

The connection works without problems and I can access all my data, but I asked myself how secure such an open port can be?
Can I leave the house with a clear conscience knowing that a port is open where hackers could make malicious activity on my network?
Unfortunately I do not know much in this area and wanted to ask and hope for helpful answers.

Thanks

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: How safe is it to open port 1194 on my router?

Post by openvpn_inc » Thu Sep 29, 2022 1:02 pm

Hello openvpnuser222,

Technically any open port can be attacked and attempts can be made to exploit it. We have however an extremely good track record of running secure software. Also to get in the various authentication steps must succeed. One technique we use is control channel security like tls-auth or tls-crypt (v1 and v2). Those basically require that you are in possession of a particular security key before your packets are even processed in any meaningful way. In other words an attacker not having that key could try to send packets but those would then be dropped very early on in the process.

To put it in other words, you should be fine if all you have open is the OpenVPN port. And you are certainly in a much better position than having for example an RDP port open to the public. At some point you do need some port open if you want to be able to access things from the outside, and then OpenVPN is one of the safest choices to have open.

If you want to you could consider using something like OpenVPN Cloud or running your OpenVPN server elsewhere, and connecting out to that central OpenVPN environment from your home network and mobile devices, and they can then communicate over that established VPN connection. Then no open ports on your home network are needed at all as connections are established outward to the central OpenVPN environment. That central OpenVPN environment does need to have an OpenVPN port open to accept incoming connections, of course, but that environment could be outside of your home network.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

openvpnuser222
OpenVpn Newbie
Posts: 2
Joined: Thu Sep 29, 2022 12:39 pm

Re: How safe is it to open port 1194 on my router? (Docker, PiVPN)

Post by openvpnuser222 » Thu Sep 29, 2022 1:08 pm

Thank you for the quick and detailed reply, and of course for your time.
Now I will definitely feel better about leaving the house with an open port. I have researched so much and have not found an answer like this one. Thanks again!

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: How safe is it to open port 1194 on my router? (Docker, PiVPN)

Post by openvpn_inc » Thu Sep 29, 2022 1:12 pm

Hello again,

You're welcome.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply