I have one remote harvester that I use a VPN connection to connect the system. I am interested in adding another harvester and I wonder if or what the risks are running it with no VPN connection.
I would assume I need to open a port for communication. And most likely can only have one harvester at this location. And considering the need for certificates, The information being transferred is encrypted?
I have one harvester at a remote location (different public IP) away from the LAN where my full node is. Yes you need to port-forward to your full node. There are no security concerns I am aware of once you have set up your harvester correctly. Usual port-forwarding concerns of course.
It works, as mentioned you need to port forward and of course use same CA cert just like if you woul locally. I have not sniffed the trafic to confirm if it’s encrypted when I tried this but since you are using SSL certs for handshake I imagine it is secure.