Hello
I have RouterOS running as a VM on my server.
I have a camera connected at a remote site to a physical Mikrotik Router. This is on a mobile network without a static or public IP.
The Server sees the camera through the RouterOS VM and VPN. Currently have SSTP but its way too slow.
I dont care about securing the VPN data as its just public cameras.
If I used an unsecured VPN, will it become easy to get my server hacked or have someone screw up my RouterOS configuration?
Thanks
Adros
If you only use the VPN for access to the camera, you can configure the firewall in such a way that even if someone deciphers the authentication and logs in using the credentials stolen from the remote Mikrotik, he won’t be able to establish any connection, i.e. the same way as if the VPN tunnel was yet another WAN interface.
So you can use bare L2TP without IPsec and even without the MPPE (use-encryption=no in the /ppp profile), or bare IPsec with enc-algorithms=null. Both can traverse NAT without problems, and it will be their only purpose.
But the attacker will be able to send you a picture from another camera if he takes the burden to log in instead of the remote Mikrotik.