0

So I am using ZeroTier VPN to access local devices, routers(to which I installed ZT on the router, explained here), local servers and devices remotely. However, accessing my router for example I only access it without HTTP, e.g. http://192.168.1.1 which is basically the same way I do when I am physically near the router itself.

On my laptop, there's the ZeroTier Virtual network adapter which is the one handling my access to the IP mentioned so even I am away from the physical location, I can access the router as if I am there, hence, VPN.

My question is, accessing non-HTTPS over VPN is it safe to access non-HTTPS devices? Usually passwords / sessions are part of HTTP payload either through HTTP query parameters or headers.

cyberquarks
  • 269
  • 4
  • 14

1 Answers1

2

Any VPN can only protect from eavesdropping between the two endpoints of the VPN, i.e. your computer and the VPN server. The VPN traffic itself is encrypted, (in theory; with ZeroTier you have to trust them) so it doesn't matter if the payload is plaintext. If you make a plaintext HTTP request then it will not be encrypted in any way between the VPN server and the destination web server.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • I have this setup, the router having ZeroTier is installed physically on a remote location, the access the to web server (i.e. the router web server) is inside the router box only, the router software running as webserver and installed on it's operating system software also, the ZeroTier VPN software, so it does not leave the box. And I am accessing the router web server through the ZeroTier VPN on my computer, so it goes like: `My Laptop --> ZeroTier Network adapter ---> (ZeroTier Network) ---> Router's ZeroTier interface --> Router web server` does this fit your description? – cyberquarks Oct 05 '20 at 03:07