OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

How safe is it to open port 1194 on my router? (Docker, PiVPN)

https://forums.openvpn.net/viewtopic.php?t=34854

Page 1 of 1

How safe is it to open port 1194 on my router? (Docker, PiVPN)

Posted: Thu Sep 29, 2022 12:54 pm
by openvpnuser222
Hello there,

I installed OMV6 on my Raspberry Pi a few days ago with a Docker. On the Docker I then installed OpenVPN, which also runs constantly.
I have so far completed all the necessary configurations and enabled the port 1194 UDP on my home router, the router is a normal and not a professional.

The connection works without problems and I can access all my data, but I asked myself how secure such an open port can be?
Can I leave the house with a clear conscience knowing that a port is open where hackers could make malicious activity on my network?
Unfortunately I do not know much in this area and wanted to ask and hope for helpful answers.

Thanks

Re: How safe is it to open port 1194 on my router?

Posted: Thu Sep 29, 2022 1:02 pm
by openvpn_inc
Hello openvpnuser222,

Technically any open port can be attacked and attempts can be made to exploit it. We have however an extremely good track record of running secure software. Also to get in the various authentication steps must succeed. One technique we use is control channel security like tls-auth or tls-crypt (v1 and v2). Those basically require that you are in possession of a particular security key before your packets are even processed in any meaningful way. In other words an attacker not having that key could try to send packets but those would then be dropped very early on in the process.

To put it in other words, you should be fine if all you have open is the OpenVPN port. And you are certainly in a much better position than having for example an RDP port open to the public. At some point you do need some port open if you want to be able to access things from the outside, and then OpenVPN is one of the safest choices to have open.

If you want to you could consider using something like OpenVPN Cloud or running your OpenVPN server elsewhere, and connecting out to that central OpenVPN environment from your home network and mobile devices, and they can then communicate over that established VPN connection. Then no open ports on your home network are needed at all as connections are established outward to the central OpenVPN environment. That central OpenVPN environment does need to have an OpenVPN port open to accept incoming connections, of course, but that environment could be outside of your home network.

Kind regards,
Johan

Re: How safe is it to open port 1194 on my router? (Docker, PiVPN)

Posted: Thu Sep 29, 2022 1:08 pm
by openvpnuser222
Thank you for the quick and detailed reply, and of course for your time.
Now I will definitely feel better about leaving the house with an open port. I have researched so much and have not found an answer like this one. Thanks again!

Re: How safe is it to open port 1194 on my router? (Docker, PiVPN)

Posted: Thu Sep 29, 2022 1:12 pm
by openvpn_inc
Hello again,

You're welcome.

Kind regards,
Johan
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/