I am in the process of setting up an off site backup at relatives home. They only have a crappy ISP’s router with minimal safe guards. I watched all the awesome video’s by SpaceRex on off site backups & is Synology secure enough, securing accounts etc. My core question will the NAS’s security features be enough or should I put a better router in front of it or/and even run a VPN between.
I have a slightly more secure network at home and see attempted attacks but nothing get through to the NAS it’s self. I have the same ISP so I know the their router is crappy.
So should I keep quick connect open at a minimum I would need DDNS to reach the device. Would running the NAS as VPN be client better.
So the highest level of security is to use a site to site VPN between the two boxes. But unless you have that setup only opening the hyperbackup port is a great place to start.
If you encrypt the backup through hyperbackup they could never get access to your data even if somehow their was an exploit
I was tempted to set up a site to site VPN. I’ve got the one end but still need the router on the backup end or set up the NAS to run VPN . But the as it’s an old model may not really have the power to be VPN & NAS .
Spoke too soon … Works but the VPN drops out after a few Hrs and the Synology fails to reconnect.
The Nas is set to try to reconnect. According to the router the pipe is still up just no client. I’m not using OpenVPN but L2TP/IPSec.
Ok I answered my own question.
Seem the issues is common to Synology. THe auto reconnect does not wokr. Here is a blog page with one of the best VPN reconnect scripts to address the issues. This guy seem to know what he’s doing and requires no modification to the script in default mode.