Discover how to secure your Smart Home and set up a secure and private WireGuard® VPN server in your home network in just a few simple steps.

Guide contents:

• Understanding Smart Home security
  • What are the risks of smart devices?
• How to Set Up a Home VPN Server
  • What is a VPN?
  • Step one: Set up Dynamic DNS
    • Private vs. public IP addresses
    • What does Dynamic DNS do?
    • Where to register Dynamic DNS
    • Set up Dynamic DNS on your gateway
  • Step two: Configure the VPN server
    • Which VPN protocol is best?
    • Configure a WireGuard® VPN server on your gateway
  • Step three: Configure your VPN client
    • What is a VPN client?
• Accessing your smart devices on the go

Understanding Smart Home security

Smart Home tech is on the rise – with more and more people controlling their home via their smartphone or tablet.

Popular IoT devices like smart locks, lightbulbs, thermostats, doorbell cams, alarm systems, etc. allow users to automate everyday processes and – in most cases – even promise secure remote access to the home network via external cloud servers.

Yet how secure are these solutions really? How many of you would be willing to hand over the keys to your home to outright strangers?

What are the risks of smart devices?

For most regular users, getting remote Smart Home access involves connecting to an external cloud server and sending sensitive data back and forth.

Purchased a cheap, smart camera online? As soon as you connect this device to your WiFi and start streaming video data to the cloud, you’re opening up a potentially huge security hole in your home network – for both cyber and regular criminals. Why? If the cloud server connected to the camera is not secure and outsiders are able to hack into it, they could easily gain access to your home network and potentially all the devices within it.

Examples of poor security include:

• Insecure default passwords
• No Two-Factor-Authentication (2FA)
• Lack of encryption
• Out of date security software
• Poor or no data protection regulation

However, this doesn’t mean you have to stop using smart devices all together. On the contrary, when used safely, IoT technology is great and makes a practical addition to modern homes.

Set up a VPN Server at Home

Setting up a VPN server in your home network empowers you to take your security into your own hands. Remotely access your smart devices and control your Smart Home on the go – as though you are connecting locally at home.

What is a VPN?

A (virtual private network) securely connects an enduser to a remote network via the internet by creating an encrypted tunnel to transfer data back and forth. Once a VPN connection has been established, users can access the remote network as if they are physically in that location – even if they’re hundreds of miles away.

What you need to set up a VPN server at home:

1. A public IP address (you can request this from your internet provider if you don’t have one already)
2. A Dynamic DNS address (hostname)
3. A VPN compatible gateway
4. A VPN protocol – the most popular include OpenVPN, IPSec, WireGuard® & PPTP. Check with your gateway to see what’s available (VPN Tracker supports all leading protocols)
5. A VPN client – we recommend VPN Tracker for Mac and iOS

Step one: Set up Dynamic DNS

Public vs. private IP addresses

Typically, home networks use a NAT router that assigns each connected device an internal (private) IP address to be used on the local network. Smart devices connected to the router like cameras, thermostats, alarm systems, etc. won’t have external (public) IP addresses, meaning they won’t be directly accessible via the internet. This prevents you from obtaining remote access – i.e. via a VPN.

You can easily request a dynamic public IP address for your router from your ISP (internet service provider.) This will make your devices available online, but is not suitable for VPN access, as the IP address is periodically updated. As soon as the IP address changes for the first time, the VPN tunnel would be pointing to the wrong address and will no longer work.

Unfortunately, if you want a static IP address that doesn’t change (the most typical option for VPN), this will almost always result in a significant charge from your provider, as these are usually reserved for business users.

The solution: Dynamic DNS. It’s easy and free to set up and is an essential step in configuring your own VPN connection to your home network.

What does Dynamic DNS do?

Registering your gateway’s dynamic public IP address with a Dynamic DNS service allocates a specific URL (hostname) to your device. Whenever your public IP address is updated by your ISP, the Dynamic DNS service will recognize the change and update the DNS record accordingly to keep everything up and running.

Where can I register for Dynamic DNS?

Some devices offer their own DynDNS services (e.g. FRITZ!Box, ASUS, etc.) or provide a list of recommended services – refer to your gateway for more information. Alternatively, a free service like dynv6 is also a great choice and enables you to get set up in minutes:

When you register your new hostname with a service, you’ll also be instructed to set up a username and password, needed for the configuration on your gateway.

Configure Dynamic DNS on your gateway

The final step is registering your new hostname on your VPN gateway. The process is the same for the majority of devices:

1. Log in to your device interface and find the advanced settings menu. (Tip: If you don’t know your login details, they are usually provided on a sticker on your device)
2. Locate the settings for “DynDNS” / “Dynamic DNS” / “DDNS”
3. Enable Dynamic DNS for your device
4. Choose a DNS provider from the available options or select custom if yours is not listed
5. Fill out your login and password using the information generated in the previous step and enter your new hostname (e.g. grace-m.dynv6.net)

Step two: Configure VPN on your gateway

Each VPN gateway will have slightly different setup instructions depending on the type of device and the VPN protocol you are using.

Which VPN protocol is best?

If you are new to VPN (or even if you’re not!), you may prefer a modern VPN protocol such as OpenVPN or WireGuard®. Both of these are open source, super easy to configure and offer good connection speeds for a typical Smart Home use case. They both also use a configuration file to get set up and can be up and running in minutes.

IPSec VPN is also a good choice and is supported by almost all vendors, however it can take a little longer to get set up – especially if you’re not experienced in networking. Generally, we would avoid PPTP where possible, as it has some known major security flaws.

Setting up a WireGuard® VPN connection

We have chosen to configure WireGuard® VPN, due to its easy configuration and impressive performance. However, if you want to connect to a different protocol – i.e. because your device doesn’t support WireGuard, you can refer to our configuration guides or follow your vendor’s instructions.

How to set up WireGuard® VPN in 3 steps:

1. Log in to your device’s web interface and locate the VPN settings
2. Choose WireGuard® from the VPN options and fill out the required fields
3. Save your connection to generate your personalized configuration file (you’ll need this for the next step!)

Step three: Configure your VPN client

The last step involves configuring your connection in your VPN client.

What is a VPN client?

A VPN client is a specific type of software which establishes a secure connection between a device and a VPN server. You need a VPN client in order to connect to your VPN and access your network remotely.

The latest VPN Tracker version offers support for WireGuard® VPN on macOS and iOS (Beta) – meaning you can remotely connect to and control your Smart Home from your Mac, iPhone or iPad. Configure your connection using QR code or with a .conf file.

Here’s how it works:

1. Download VPN Tracker free on your Mac, iPhone or iPad
2. Create a new connection and choose WireGuard®
3. Upload your .conf file or scan your QR code to import your connection settings

It’s as easy as that. You can now save your new WireGuard® connection using Secure Data Transfer and connect to your home network from another location on your Mac, iPhone or iPad!

My VPN Server is set up – what now?

Your VPN server is up and running – meaning you can now enjoy secure external access to your Smart Home and devices.

Access smart devices on the go

You can connect to your home network from another location using your new WireGuard® VPN in VPN Tracker on your Mac, iPhone or iPad.

Simply open VPN Tracker and start your VPN using the connection slider:

Connect to VPN to enable your alarm system on the go, check in on your four-legged friends on vacation, or turn on your central heating ready for when you arrive home from work – all without needing to rely on untrustworthy third party cloud services.

“WireGuard®” is a registered trademark of Jason A. Donenfeld.

VPN Tracker securely connects thousands of Macs, iPhones and iPads worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

The post Set Up a WireGuard® VPN Server at Home appeared first on equinux Blog.

Exciting news: Support for WireGuard® VPN connections is now available in the latest VPN Tracker version! Connect to WireGuard® VPN connections on your Mac, iPhone or iPad with a VPN Tracker Pro, VIP, Member, Member Plus and Consultant plan.

What is WireGuard®?

WireGuard® is a modern, open source VPN standard that works on level 3 of the OSI Model and has been massively growing in popularity over the last few years due to its easy setup and high performance.

VPN connections are made by securely exchanging public keys and can be set up in seconds. Connections can be imported on to your Mac, iPhone or iPad using a dedicated configuration file or QR code – making getting connected to your network a breeze.

Configuring WireGuard® VPN in VPN Tracker

VPN Tracker supports importing WireGuard® .conf files and using setup QR codes to configure your WireGuard® connection.

Here’s how to get started with WireGuard® using the new and improved connection editing workflow:

1. Log in to VPN Tracker on Mac, iPhone or iPad
2. Add a new connection, switch to the “Protocols” tab and choose WireGuard® VPN
3. Upload your configuration file or scan your QR code to import your connection settings
4. Give your connection a name
5. Create your connection using VPN Tracker Secure Data Transfer to save securely in your account

You now have access to your WireGuard® VPN connection in VPN Tracker!

When you first start your connection, you may be prompted to enter your username and password. In the majority of cases, this will be the login credentials from your VPN gateway. If you don’t know these, please get in touch with your VPN admin.

Learn more about WireGuard® VPN.

VPN Tracker securely connects thousands of Macs, iPhones and iPads worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

The post New: Connect to WireGuard® VPN in VPN Tracker appeared first on equinux Blog.

The big day is here: After a highly successful beta program, we’re thrilled to announce that VPN Tracker for iPhone and iPad is now available to download on the App Store!

TLDR – all you need to know:

• VPN Tracker is now available for iPhone and iPad!
• Get private access to your own network, at work or home – wherever you are
• Supported protocols: IPSec, OpenVPN, SonicWALL SSL, SSTP, Fortinet SSL, Cisco AnyConnect SSL, WireGuard (beta coming soon!)
• Bring your own VPN gateway (compatible with all leading vendors: SonicWALL, Netgear, Cisco, Fortinet, Sophos, Synology, etc.) 
• 100% secure, fully end-to-end encrypted, no port forwarding required
• Get on your local network: Remotely access file servers, Smart Home devices, Macs and PCs
• VPN Tracker for Mac users: TeamCloud and Personal Safe connections auto-synced on iPhone & iPad PLUS exclusive upgrade discounts

Your new go-to remote access solution for iPhone and iPad

New VPN Tracker for iPhone and iPad enables you to securely connect to your home or office network and get work done on the go. 100% private access, end-to-end encryption and no complicated setup.

Zero configuration – get connected in seconds

Just like VPN Tracker for Mac, VPN Tracker for iPhone and iPad also supports all leading VPN gateway setups. All you need to get connected on iPhone and iPad is a VPN gateway and some basic network information. We’ll take care of the rest!

300+ ready-to-run profiles and step-by-step guides for popular devices make getting connected a breeze.

Pssst… Already using VPN Tracker on the Mac? Then it’s even easier! All your compatible TeamCloud and Personal Safe connections will be auto-synced as soon as you log in on iOS – you don’t need to lift a finger. Get VPN Tracker for iPhone and iPad.

Get secure office access wherever you are

Numbers of remote workers have never been higher than during the last few years – with thousands of people working from home and requiring quick access to their office network. Being able to work on an iPad or even iPhone makes you even more flexible and literally able to work anywhere.

With VPN Tracker, you can create a secure connection to your company network and perform key tasks on the go:

• Use the Files app to connect to file servers
• Open and edit files on the go
• Connect to databases
• Access your company intranet

Cloud control: Fully end-to-end encrypted

Whether you’re rolling out VPN to new staff members, accessing client networks, or sharing connections with friends and family, VPN Tracker enables you to do this quickly and securely.

Secure, end-to-end encrypted TeamCloud technology keeps your connections safe and ensures only you and your trusted team members have access. Learn more.

One VPN client to rule them all

Multiprotocol support

Finding a powerful VPN client for iOS with multi-protocol support has proven to be an impossible task – leaving many professional users stuck switching between multiple apps just to access connections and get work done.

Get all your essential connections in one app – with support for practically all setups (even SonicWALL IPSec!) and killer connection speeds.

3x faster than SSL VPN

Sick of using slow SSL VPN on your iPhone? Connect to SonicWALL IPSec VPN in VPN Tracker for up to 3x faster connection speeds on iOS.

How to connect to your VPN on iPhone & iPad

Get started with VPN Tracker for iPhone and iPad today! Download VPN Tracker from the App Store and start your 7 day free trial to unlock secure remote access on iOS.

VPN Tracker for Mac user? Explore your exclusive upgrade options.

The post New: Connect to Your VPN on iPhone & iPad appeared first on equinux Blog.

What if connecting to your company VPN was really just as easy as launching an app on your iPhone? With VPN Tracker, it is. 

Today, equinux is thrilled to announce that VPN Tracker for iOS beta is now available via TestFlight!

What makes VPN Tracker for iOS special?

With VPN Tracker for iOS, equinux is revolutionizing the way you create, share and access company VPN connections: One tap, zero-config – all made possible by VPN Tracker TeamCloud.

No searching for passwords, no entering server IP addresses or re-configuring connections for new devices, just open the app and connect. Wherever you are.

VPN Tracker for iOS at a glance:

• Multiprotocol VPN support in one streamlined app
• Advanced IPSec VPN support (including SonicWALL SCP & DHCP, EasyVPN and Mode Config)
• OpenVPN, SSTP, SonicWALL SSL, Cisco AnyConnect SSL and Fortinet SSL support
• Guided connection setup: Securely create, edit and share connections from any device on my.vpntracker
• Auto-connect to your VPN on launch
• For pros with multiple connections: Pin, search and filter to find the right connection faster
• Uses the latest technologies built-in to iOS 15 or iPadOS 15

How can I test VPN Tracker for iOS?

The beta is underway and we’re opening up a few more slots today. If you want to try VPN Tracker for iOS for free before the official launch later this year, enter your email address on our registration page to receive the TestFlight download link: vpntracker.com/goto/ios

All TestFlight beta testers will automatically receive a free beta license to try VPN Tracker for iOS. After the beta you’ll be able to purchase a plan to continue using VPN Tracker for iOS.

Tip: Bring over your connections from VPN Tracker for Mac

Be sure to add your essential VPN connections to my.vpntracker using TeamCloud or Personal Safe so they automatically show up on your iPhone or iPad:

1. Log in to VPN Tracker 365 on the Mac
2. Right click on a connection to securely sync it to TeamCloud or your Personal Safe

We can’t wait for you to experience VPN Tracker on iPhone and iPad. Get the free beta today to start testing VPN Tracker for iOS.

Your VPN Tracker Team

VPN Tracker 365 securely connects thousands of Macs worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

From OS X 10.11 including macOS 12 Monterey

The post VPN Tracker for iOS beta is here! appeared first on equinux Blog.

The news is out: VPN Tracker is coming to iOS this spring!

equinux is thrilled to announce the upcoming launch of VPN Tracker for iOS: A secure and sophisticated VPN client for iPhone and iPad, offering multi-protocol VPN support across all your most important devices.

Want to be the first to test VPN Tracker on your iPhone or iPad?

The VPN Tracker team has been giving VPN Tracker for iOS the final finishing touches and we are now getting ready to launch our exclusive beta testing program. Register below for free early access:

VPN Tracker for iOS – Key info

What is VPN Tracker for iOS?

Brand new VPN Tracker for iOS allows you to securely store and connect to all your essential VPN connections in one streamlined app for iPhone and iPad. Experience no-config (yes, you read that correctly!), lightning-fast VPN on all your devices.

Which VPN protocols can I use on my iPhone with VPN Tracker for iOS?

VPN Tracker for iOS supports IPSec (including SonicWALL SCP & DHCP, EasyVPN and Mode Config), OpenVPN, SSTP, SonicWALL SSL, Cisco AnyConnect SSL and Fortinet SSL.

How can I connect to my Mac VPN connection on my iPhone?

VPN Tracker for iOS is powered by TeamCloud and Personal Safe technology, meaning your existing VPN Tracker connections from your Mac will show up instantly when you sign in.

How can I test VPN Tracker for iOS?

The waitlist for our beta testing program is already open and you can register above for free early access.

Once you’ve registered your interest in testing VPN Tracker for iOS, we’ll be in touch to announce more details about how to get your hands on the brand new app.

We can’t wait to hear your thoughts and feedback!

Your VPN Tracker Team

The post VPN Tracker is coming to iOS – Connect to your VPN on iPhone and iPad appeared first on equinux Blog.

SSL VPN and IPSec VPN are both popular options for a standard company VPN connection, but which of the two will give you the best results?

With more and more of us relying on a VPN to connect to essential services whilst working from home, it’s important to take a closer look at the options available to us. For most business users, an SSL or IPSec VPN connection will be the norm. However, when it comes to SSL vs IPSec, there is one protocol that comes out on top.

Why is SSL slower than IPSec VPN?

If you use an SSL VPN connection to connect to your office network, you’ll likely be familiar with lower connection speeds, poor ping times, and overall latency issues, but have you ever wondered why?

SSL VPN runs on the application layer, aka the top layer of the OSI (open systems interconnection) Model. This means it requires more overhead to negotiate connections.
The decryption process for data transferred between server and client via an SSL connection also requires more processing power which can also slow down the connection – it’s not a huge issue on modern machines, but all this extra work does add up.

Get 3x Faster VPN with IPSec

For a faster connection that is just as secure, we recommended changing from SSL VPN to IPSec VPN.
In comparison to SSL VPN, IPSec is able to offer much faster connection speeds as it runs on the network layer – level 3 of the OSI – meaning it’s much closer to the physical hardware:

Our method:

We put the theory to the test: A SonicWALL VPN gateway was configured with both IPsec and SSL VPN connections and connected from the exact same Mac and network environment.
In our tests, the IPSec connection in VPN Tracker offered over 3x higher download and upload speeds, plus much better latency while carrying out everyday tasks.

Even if you aren’t downloading huge amounts of data, the difference in latency means a sluggish SSL VPN experience can feel much snappier using IPsec.

Your next steps for faster VPN speeds:

• Check whether your VPN gateway offers support for IPSec VPN – most leading manufacturers do!
• Set up a VPN connection based on IPSec VPN protocol (tip: refer to our configuration guides for your VPN gateway)
• Download VPN Tracker and use the configuration guide to quickly set up your existing VPN connection

P.S. If it’s a work VPN, reach out to your network admin and see if your gateway already has IPsec VPN support, or if that’s an option they can enable.

Configuring an IPSec VPN connection in VPN Tracker 365

VPN Tracker offers full support for all major VPN protocols – including IPSec VPN.

Flexible VPN configuration options

Choose to configure a device-specific IPSec VPN connection, i.e. for your SonicWALL, Cisco or Fortinet gateway using our tailored device profiles, or set up a custom IPSec VPN connection with your unique configuration requirements.

With additional support for SonicWALL Simple Client Provisioning, Cisco EasyVPN and Mode Config, IPSec VPN setup in VPN Tracker is just as simple as configuring an SSL VPN – with the added speed bonus!

Check out this guide on configuring an IPSec VPN connection to use on your Mac.

SSL or IPSec VPN for my iPhone and iPad?

Mobile user? We’ve also got you covered. Fast connection speeds are more important than ever when connecting on the go using your iPhone or iPad.

VPN Tracker for iOS offers mobile users no-config (yes, you read that correctly!), lightning-fast VPN for iPhone and iPad. In fact, initial speed tests have shown that VPN Tracker for iOS performs up to 2x faster than SonicWALL’s own VPN client.

“VPN Tracker for iOS will be great, because it allows me to connect using IPSec that is already working in all environments and I can share my connection sets with my MacBook.” – Mario Celso Pereira Jr, IT Manager.

Test the VPN Tracker for iOS beta

VPN Tracker 365 securely connects thousands of Macs worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

From OS X 10.11 including macOS 12 Monterey

The post SSL VPN vs IPSec VPN – Which is Faster and Why? appeared first on equinux Blog.

The Netgear Business Router is a popular and cost-effective choice for both small business and home office users alike, thanks to its integrated security features, VPN support (including OpenVPN), and impressive firewall capabilities.

 

Setting up a VPN connection on your Netgear BR200 is easy, as Netgear’s Business Routers support a wide range of VPN protocols, with OpenVPN being by far the most straightforward to configure. In fact, the setup can be completed in just 3 simple steps!

The best news? The latest VPN Tracker 365 version, version 22.0, adds support for Netgear Business Routers, meaning you can connect your Mac to your BR200 in no time at all via OpenVPN.

Keep reading for simple, step-by-step instructions on how to set up an OpenVPN connection for your Netgear Business Router.

 

What is OpenVPN?
OpenVPN is a popular, open-source VPN protocol that allows users to create secure site-to-site or point-to-point VPN connections. Authentication occurs through a pre-shared key, certificates, or username and password.

 

OpenVPN for Netgear Business Router

macOS user? Follow these three steps to set up an OpenVPN connection for your Netgear BR200 and get connected on your Mac:

 

1. Open your Netgear’s web UI, head to the VPN settings and check the box to enable OpenVPN
2. Download the OpenVPN configuration file
3. Optional but recommended: Enable Dynamic DNS on your device (refer to our configuration guide for more information)

 

Your Netgear OpenVPN connection is now ready. You will now require a VPN client – like VPN Tracker, the number one VPN client for macOS, to start using the connection on your Mac.

 

Connect to your Netgear VPN on your Mac

 

1. Download VPN Tracker for free and install the app on your Mac
2. Create a new VPN connection and choose the profile Netgear Business Security Router
3. Drag and drop the OpenVPN configuration file into the configuration window to automatically import the connection settings for your Netgear Business Router

 

Now you’re ready to start using your Netgear Business Router OpenVPN connection on your Mac.

 

Which other Netgear devices are supported by VPN Tracker 365?

VPN Tracker is compatible with all leading VPN gateways and protocols, including the most popular Netgear devices such as the Netgear Nighthawk series and Netgear Orbi WiFi Routers. Both of these devices also support OpenVPN and can be easily configured in VPN Tracker 365.

 

 

 

You may also be interested in…

How to Set Up a VPN Connection for Your UniFi Dream Machine

 

 

 

---

 

 

Trust the #1 VPN client for macOS:

VPN Tracker 365 securely connects thousands of Macs worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

From OS X 10.11 including macOS 12 Monterey

 

The post Setting Up OpenVPN for a Netgear Business Router appeared first on equinux Blog.

5 Ways to Make Your Company VPN More Secure

Your VPN is the backdoor into your internal network. If there are any holes in your security – however small, you could be risking serious security breaches for your company. For this reason, it’s important you carry out all the necessary steps to make sure your VPN is as secure as possible.

1. Select the highest encryption settings for your device

To begin with, you should start by reviewing your VPN’s encryption settings. Check whether you are using the highest encryption algorithms supported by your VPN gateway. Today, AES (Advanced Encryption Standard) is the strongest available encryption algorithm and is even used by governments and military organizations as it as widely considered impossible to crack. For AES, encryption is available up to 256 bits – the so-called “gold standard” of encryption.

Here are some more encryption best practices to consider for your connection:

• Avoid MD5 as a Hash Algorithm
• Enable Perfect Forward Secrecy in Phase 2 (if supported by your gateway)
• Use a higher Diffie Hellman Group

2. Regularly review users

Particularly for larger teams, it’s easy to lose track of how many users you have configured for your VPN connection(s). However, having users associated with your connection who no longer are authorised to have access (i.e. former employees or personnel who are now in a different department) can be a serious security risk for your company.

Make a habit of regularly checking your firewall or VPN gateway device to ensure any ex-employees have been removed and that your user groups only consist of team members who are currently part of your organisation.

Tip: With VPN Tracker 365 Team Management tools, you can access a useful overview of all your team members and when a team member leaves, you can remotely revoke their access to connections via Remote Connection Wipe.

 

3. Frequently update your Pre-Shared Key

Many VPN connections rely on a Pre-Shared Key (PSK) as an authentication measure, meaning it plays a hugely important role in securing your VPN. Just like any important password, you need to ensure you regularly update your PSK to avoid the risk of it falling into the wrong hands.

Generally, the longer your PSK ist, the harder it is to crack – making it much more secure. Many services recommend at least 32 characters. To make things easier, you can use tools like this one to automatically regenerate a new key when it’s time to update.

In addition, for optimal security, you should also avoid sharing the PSK with users via chat, intranet or similar.

Tip: VPN Tracker 365 TeamCloud not only enables you to remotely update and sync your connection’s Pre-Shared Key for all users, it also allows you to hide the connection’s configuration details so that only you have access. This way, you will never have to share the PSK with employees and they can continue working productively. Learn more.

4. Use Two-Factor-Authentication

Two-Factor-Authentication (2FA) has become a popular choice for many admins in recent years. In addition to preventing phishing or social engineering attacks, 2FA adds an extra layer of security to your VPN, giving you peace of mind that unauthorised users aren’t able to gain access.

Some popular 2FA methods include X.509 certificates, OTP authenticator apps like Google Authenticator, Duo etc., and PKI tokens – all of which are supported by VPN Tracker 365. Some VPN gateways also offer hardware-specific, one-time tokens, such as Fortinet’s FortiToken.

5. Apply Zero-Trust principles

With a Zero-Trust network policy in place, users need to go through a strict authentication process to access company resources. This is intended as a solution to stop security breaches and ensure access is kept secure at all times.

In addition, users are only given least privilege access, meaning they only have access to the resources they really need. Consider whether you really need to share a VPN connection with all your team members, perhaps some connections are only needed by admins or specific departments. By minimising the number of co-workers who have access to the VPN, you also reduce the risk of security breaches.

Security tip: The Groups feature in VPN Tracker 365 TeamCloud allows you to pre-determine groups of users and grant them access to specific VPN connections. This way, you can avoid giving all users access to all of your company connections and instead only provide them with the resources they need to perform their tasks.

Choosing a reliable VPN client

There are many VPN clients out there but only a small handful can offer your business the security and peace of mind you need for your important connections. Putting your trust in an unmaintained VPN client can not only hinder your productivity but also put your network at risk from external attacks.

For example, if your VPN client software does not receive regular updates and maintenance, it’s highly unlikely that it’s up to date with the latest security standards required to keep your network secure. Furthermore, without a genuine customer support team, any problems you may face will likely go unresolved, leaving you to pick up the pieces and forcing you to find an alternative solution.

For Mac users, VPN Tracker 365 is the number one choice and possess all the key qualities admins look for in a VPN client:

1. Regular updates and compatibility with the latest macOS versions, including Monterey (see our version history)
2. Support for all major VPN protocols (IPSec, OpenVPN, L2TP, SSTP, Cisco AnyConnect, and more…), plus TeamCloud security features
3. Excellent customer support and one-on-one troubleshooting with our development team

Find out more about VPN Tracker 365 and available licensing options for your team here.

Trust the #1 VPN client for macOS:

VPN Tracker 365 securely connects thousands of Macs worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

From OS X 10.11 including macOS 12 Monterey

The post 5 Ways to Improve Your Company VPN’s Security for macOS Monterey appeared first on equinux Blog.

Steps to take to make your VPN more secure

If you are looking into adopting a Zero-Trust policy into your current network structure, here are a few key steps you can take to protect your organization from threat and make your connections more secure.

Harden your VPN connection

The first step for securing your connection is ensuring your VPN has the optimal security settings in place to protect the network from external threats.

To begin with, you should start by reviewing your VPN’s encryption settings. Are you using the highest encryption algorithms supported by your gateway? VPN Tracker 365 supports encryption up to AES-256 to satisfy even the most demanding standards set by military organizations, enterprises and government.

We also recommend not using MD5 as a hash algorithm and to choose SHA-2 whenever possible. In addition, you should consider using a high DH group and enabling PFS in Phase 2 (if supported by your gateway.)

Choose a secure VPN client

The VPN app on your users’ devices is the gateway into your company’s network, so it needs to be kept as secure as possible. In general, all security relevant software should be checked and vetted to see if they support best practises.

A good VPN client should offer you:

• Secure, end-to-end encryption standards for your connection data (learn more)
• Custom configuration options for connections
• Trustworthy and reputable developers
• Regular maintenance and updates. VPN client software which is not regularly updated can leave your business open to threats, i.e. when it is not compatible with the latest security patch updates or doesn’t offer support for the latest technologies

For Mac users, VPN Tracker 365 is the top choice VPN client and offers full compatibility with the latest macOS version.

Phishing countermeasures – hide connection details from users

Social engineering or phishing attacks only work, if employees have access to sensitive data, such as your connection’s Pre-Shared Key or Shared Secret, or even the VPN gateway address or VPN protocol in use.

Hiding this information before you share the connection is one extra way of eliminating risk.

In addition, by hiding connection details from VPN users, you can also ensure they have no way of using your connections with other external, untrusted software – a key concept within Zero-Trust security.

With VPN Tracker 365 TeamCloud, you can securely share pre-configured VPN connections with team members and hide all the connection details before export:

Verify users with Two-Factor-Authentication

Having a secure user verification process in place is another key part of building an effective Zero-Trust network. When sharing information with individuals within your organisation, you need to be sure that the identity of the person receiving the information is legitimate.

Two-Factor Authentication (2FA) is on the rise and is already built into many leading VPN services. With 2FA in place, your VPN has another layer of protection against hackers and cyber attacks, such as email phishing or spear phishing.

VPN Tracker 365 offers support for for two-factor authentication (2FA, MFA, OTP) based on X.509 certificates, OTP authenticator apps like Google Authenticator, Duo etc. or smart cards, and PKI tokens. Hardware-based one-time passcode tokens and hardware security tokens such as YubiKey, RSA SecurID, or FortiToken for FortiGate devices also work great with VPN Tracker 365 through Extended Authentication (XAUTH).

Granting least privilege access

Another key principle of Zero-Trust security is only granting employees the minimum level of privileges. In other words, only giving users access to the connections they really need, in order to minimise potential risk and avoid unauthorised access to confidential information.

In VPN Tracker 365, this can be achieved using the Groups feature.

Set up TeamCloud Groups to grant pre-determined groups of users with access to specific VPN connections. This way, you can avoid giving users access to all of your company connections and instead only provide them with the resources they need to perform their tasks.

Trust the #1 VPN client for macOS:

VPN Tracker 365 securely connects thousands of Macs worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

From OS X 10.11 including macOS 12 Monterey

The post How to Apply Zero-Trust Security Principles to Your VPN appeared first on equinux Blog.

How to adjust your company VPN to not send all traffic

Trying to connect to your office and home networks at the same time? Want to make sure not all your internet surfing is going via your company VPN?

There’s an easy solution for Cisco AnyConnect VPN and you don’t need to be a networking genius to set it up!

With VPN Tracker 365’s Traffic Control feature, you determine which data should go via your VPN. This means all your work-related traffic will go securely through the VPN, allowing everything else to go over your regular internet connection or local network.

What you need:

• VPN Tracker 365
• VPN gateway address for your Cisco connection
• Network address for your office / university

Step One: Download the VPN Tracker 365 app

VPN Tracker 365 is the number one VPN client for macOS. With a VPN Tracker 365 Pro, VIP or Consultant license, you can configure Cisco AnyConnect SSL VPN connections on your Mac and also benefit from dozens of included productivity features:

• Support for all major VPN protocols, including IPSec, L2TP, PPTP, OpenVPN, Fortinet SSL, SonicWALL SSL, Windows SSTP, Cisco EasyVPN, and Cisco AnyConnect SSL
• Connect simultaneously to multiple VPNs
• Compatibility with the latest macOS versions, up to and including macOS Monterey
• TeamCloud centralized management features
• And much more…

Download VPN Tracker 365 here.

Step Two: Import your Cisco AnyConnect VPN connection into VPN Tracker 365

Setting up a Cisco AnyConnect SSL VPN connection in VPN Tracker 365 is easy. All you need is your VPN gateway address and your login.

To find your gateway address, just open up the Cisco AnyConnect Secure Mobility Client and copy the hostname or IP address for your connection:

Then, go to VPN Tracker 365, create a new Cisco AnyConnect SSL connection, and paste in the address:

When you start the connection, VPN Tracker 365 will prompt you for your username and password. Now you are connected!

Step Three: Set up Traffic Control

Once you’ve successfully configured your connection, switch to the “Advanced” tab, where you can set up your custom VPN settings for Traffic Control.

For this step, you will need the remote network IP address.

What is the remote network IP address?

The remote network IP specifies the network you are trying to reach over the VPN (i.e. your company’s internal network.)

Unsure of what to enter here? Your first port of call should be your IT admin. If you can’t contact them, you can follow these steps to find out your company’s internal remote network address:

1. Open a page on your company’s internal network, e.g. the company intranet and copy the web address
2. Open VPN Tracker 365 and go to “Tools” > “Ping Host”
3. Enter the address (e.g. intranet.greenhaven.net) and hit ping to reveal the IP address (e.g. 192.168.10.12)

Then, simply replace the last digits with a “0” to get the remote network address > 192.168.10.0. (Note: this is a bit simplified, but will work for most common network setups out there).

In the Traffic Control dropdown menu, choose “Only send traffic for the following addresses over VPN” and enter the remote network address from the previous step:

Your Cisco AnyConnect VPN connection will now only be used when accessing addresses which are part of the network you specified. This means all other traffic (i.e. your normal internet traffic) will go through your internet connection as it does normally, bypassing your VPN.

Trust the #1 VPN client for macOS:

VPN Tracker securely connects thousands of Macs worldwide with VPNs every day. VPN Tracker was developed from the ground up in our head office in Munich. You can trust in our long experience working with advanced VPN technology.

From OS X 10.11 including macOS 12 Monterey

The post How to disable all traffic and unblock sites on Cisco AnyConnect VPN appeared first on equinux Blog.