>> We see much correspondence in these forums about installing a VPN within
>> Qubes. Surely, the most secure place for VPN is to install on a Router?
>> I say these things after reading the following paper [
>> ] in which a group of
>> hackers demonstrate that the majority of routers (in-particular those
>> provided by ISP's] have backdoors to government agencies. These
>> adversary's are able attack our LAN and its devices; including the
>> ability to intercept VPN and Tor traffic.
>> The solution they say is to isolate these rogue routers in the
>> Militarized Zone by creating a DMZ [demilitarized zone]. Achieved by
>> installing a 2nd router [flashed with open source firmware such as
>> OPenWRT]. It is here, on the router, that we should enable and run OpenVPN.
>> Thoughts on this paper and it's conclusions are welcomed
> Thanks everyone for your contributions.
> Implicit in most of your replies is a distinct distrust of the
> modems/routers provided to us.
> If anyone is interested, the solution we adopted to securing our LAN is
> copied from this blog;
> This guy uses a couple of cheap routers loaded with OpenWRT which sit
> behind his infected Modem. His 2nd routed utilises OpenVPN Client and is
> configured to protect "high value" devices.
> We've successfully copied this configuration and it seems!! to work. -
> unless you know better??
The Blogger is correct, the best place to install OpenVPN is to use it
within OpenWRT on a Router.  As well as helping protect incoming and
outgoing traffic to your Qubes device, it can help protect smart phones,
tablets & IoT devices from being attacked and employed for Denial of
Service purposes

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To post to this group, send email to
To view this discussion on the web visit
For more options, visit

Reply via email to