Need some VPN advice on an SG2100

I just picked up a new client for whom I’ll be reworking some existing network equipment. He’s got a small office with 4 employees including himself. They run most of their operations through an MS Access db. Right now it’s stored on one of their 4 computers but I’m getting ready to change that by installing a Synology DS on which the Access db and other company files will reside.

The owner would like the option to work from home if he needs to so I’m going to have to set up a VPN. Frankly, I’ve never set up a VPN before so this is a learning moment for me. I’ll be installing a netgate SG2100 and I’m wondering what the simplest VPN option will be. I should mention that these are all Windows machines.

Would you choose IPsec, OVPN or Wireguard for this use case? why?


I would use OpenVPN but I will warn you that opening up database connections across the VPN is not a great idea because it can lead to corruption. Best to use the VPN to connect to a local desktop in their office.

1 Like

thanks! What’s your favorite method for doing this? I’ve got some reading to do.

RDP is built into Windows and works well.


I second Tom’s suggestion of Openvpn + RDP. I use that to access certain computers at work. Couple of annoyances with standard RDP:

  1. I think you need to have windows pro installed on the machine that you’re accessing.
  2. you’ll get a security warning for self signed server certificates unless you have a domain set up. I’ve gotten as far as installing my own trusted certs on the rdp server but then windows complains about a lack of a certificate revocation list. CRL’s are beyond my skills. I believe that you can tell windows to make a permanent exception for the RDP server cert on the client machine. This is mainly a cosmetic problem, but some clients don’t like being told to click through security warnings.
1 Like