Hardware firewall doesn't protect when using VPN tunnels? 1

[killennextdoor]

I read on my PPTP VPN provider's website today that when I am using the VPN service my hardware firewall is basically switched off. Is that really true? Do you advise me to get a software firewall?

 

[brianinms]

Where is your pptp vpn terminating to? PPTP was never really secure to begin with hence it being a point to point tunneling protocol. Its meant for connectivity and not security. Can you post said webpage link as it is difficult to know what you are talking about without referencing the document.

 

[killennextdoor]

Sure. Here is a link:

https://www.relakks.com/faq/qna/

It's in Swedish though. It's the answer to the first question about security/säkerhet.

---
Q: Do I need a special firewall if I use Relakks safe surf?
S: If you have a router and you have been relying on the firewall in it then we recommend you to install a software firewall. The physical firewall in the router can't examine the traffic that goes through the VPN tunnel that Relakks safe surf uses.
---

This is interesting. It sounds reasonable since the endpoint is my computer and the traffic is encrypted until there.

What does this mean practically? If I run Relakks safe surf without a software firewall, am I as vulnerable as if I was connected directly to the net with no firewall?

 

[burtsbees]

What??? Dude---use a firewall to terminate the VPN, and you're golden. Read more about the PIX firewall on Cisco's site, or better yet, the ASA (like the ASA 5505). That Swedish site is advertising their product and telling you that so you would buy their stuff. Get a PIX 501 and you'll be fine!
That's like the satellite company where I live advertising that cable service puts you on the same network as everyone else in your neighborhood...maybe like 10 years ago!

Burt