Control Network Newsletter
Utilizing VPNs to Address Vulnerabilities in IP Networks
An IP firewall acts as a barrier between a trusted internal network and untrusted external networks by monitoring and filtering incoming and outgoing traffic based on predefined security rules. These rules permit or deny access to specific IP addresses or ports. To access a device remotely through a firewall, you need to set up a secure connection using techniques, such as port forwarding and Network Address Translation (NAT).
With port forwarding, remote devices can traverse the firewall and access specific services or applications hosted on a private network. By configuring port forwarding settings on a router or firewall, incoming requests to a specific port are directed to a particular device within the network. NAT is used to modify or translate IP addresses between different subnets. Usually, a WAN-side or public IP is translated to a private network to allow access to all services of a LAN-side device. This provides an added layer of security by hiding internal IP addresses from external networks, making it difficult for potential attackers to target individual devices directly.
If not properly secured, port forwarding can allow unauthorized users to access your network. Open ports can be exploited by attackers and each open port increases potential entry points, known as the attack surface. In addition, unencrypted data transmitted through open ports may be vulnerable to interception.
A VPN creates a secure, encrypted connection and limits access by restricting communication to authorized users. A combination of a firewall and a VPN can be used to provide enhanced network security. Contemporary Controls Skorpion Gigabit IP routers allow you to configure and maintain your own VPN without subscription fees and without the need for a cloud-based VPN server. Models EIGR-V, EIGR-VB, and EIGR-C support OpenVPN client/server functionality and when configured as an OpenVPN server, the routers deliver secure, remote communications.
Contemporary Controls has application notes that explain how to configure an EIGR-V and EIGR-VB Gigabit IP router as an OpenVPN server. The entire VPN setup can be easily done via the built-in webpages. For access the application notes, visit the Skorpion Gigabit IP Router product page.