Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I agree without vpn nas security can be poor. There are a lot of open ports handled by obscure applications.

What would be the difficulty with a vpn? Synology has VPN on device. It seems to be a matter of enabling it. Routers also typically include vpn functionality.




Enabling it is just the start. Then you have to worry about permissions. Then you have to add the configuration to all of your devices. Then you have to hope that the protocol choices you made are compatible. When they aren't, you have to experiment. Then an update breaks them and you have to scramble to find compatible versions/protocols or just live with it being broken until latest is fixed. Even when the network connectivity is working, you aren't done. You have to hope that the subnets and split-horizon DNS allow it to coexist with the other VPNs you have to use. If not, you have to play the VPN hopping game every time you want to use your site. Hope you don't need simultaneous connections! Then you have to worry about apps that complain (or, worse) when underlying storage appears/disappears due to changing networks. Then you have to worry about apps that don't like your DNS (".lan isn't a real TLD, better do something stupid"). Oh, right, you have to setup private DNS -- which your router might have done automatically (which is why you have .lan), but which you might need to reconfigure to workaround the aforementioned problems. Then you have to worry about apps starting to migrate to DoH.

So no, it's not easy, it's a lightweight IT gig just to connect to your damn server! This is one of those tasks that I regularly see highly capable techies underestimate because of some combination of getting lucky on a small number of deployments and/or their brain engaging in protective amnesia to protect them from living with the scars of having wasted big chunks of otherwise perfectly good life fiddling with VPN settings.

Being able to serve resources on the open internet is extremely important and NASes clearly aren't up to the task yet.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: