Some newb VPN questions

[sswingle]

First, lets make sure I know what VPN can allow me to do. What I am hoping it can do is let me connect remotely to my local area network at home, to access share drives and printers that are on my home local area network, from wherever me and my computer may be. I am hoping to be able to view and modify files that are on my network shar drives. Correct?

What do I need to get this going. Lets say I got a router like this http://www.dlink.com/products/?sec=0&pid=59
the D-Link DI-804HV router that has VPN built in.

Does that mean that if I get a vpn client for the computer (are there any good free vpn clients) that I can connect to the router once its setup and be all set? Or am I missing something?

 

[Wyck]

You're right on the money. A good VPN will let you do everything remotely that you could do while directly connected to the network via Ethernet. Except much, much slower.

I haven't used that D-Link product but I've had bad experiences with D-Link in the past. I used the Linksys BEFVP41 two years ago and they were a little rough around the edges (that is, even though it was IPSec compliant many IPSec client applications wouldn't work). Newer firmware releases may have resolved those issues though. I also haven't tried the Netgear product but I've heard good things. Some of the Netgear VPN routers include Netgear client software so you'd be sure that there would be no compatibility headaches.

Netgear FVS318 VPN Firewall - $88.50
Netgear VPN Client Software (VPN01L) - $40.95

If you'd rather save the $40 for the client software, Windows XP actually has built in support. It's a nightmare to setup though and I would really recommend you avoid it.

 

[JackMDS]

May be this can Help, VPN - Virtual Private Networks for small settings.

:sun:

 

[RebateMonger]

You may be better served by Remote Desktop, rather than VPN. VPNs can be troublesome at times. When they work, they are great. When they don't work, they are a mess (read some posts on this Forum....).

Windows XP Professional includes the Host portion of Remote Desktop. There are other, equivalent programs, such as GoToMyPc. Remote Desktop gives you full access to a PC at home (including all its programs and data (such as email) and full access to all network resources (including printers).

A VPN requires the entire contents of a remote data file to be moved across the connection. Remote Desktop only requires the screen image to move across the connection. Both have their uses.

 

[sswingle]

Originally posted by: JackMDS
May be this can Help, VPN - Virtual Private Networks for small settings.

:sun:

Thanks, but the middle link on that page is broken, for VPN setup for routers. It links to
http://www.homenethelp.com/vpn and says directory listing denied.

 

[JackMDS]

Hmmm. it seems that Homehelp net change the site and moved to asp.

Try this http://www.homenethelp.com/vpn/router-config.asp

:sun:

Thanks for the feedback:thumbsup:

 

[sswingle]

Ok, so I've been playing around with software VPN with an XP Pro machine and a Windows Server 2003 Web Edition machine.

If I create a vpn server on my XP machine, the 2003 machine can connect to it just fine. While this is a nice test, I obviously want the sever to be the vpn server. But when I create it the exact same way and try to connect, I get an error saying my user is not allowed to connect via dialup. I go into my computer management for users, and allow user to connect via dialup IS selected.

Also, what is a good way to test this? I am assuming my residential road runner is blocking VPN, as I couldn't connect from the internet to even my XP machine. I set it to DMZ on the router as I did not know what ports it needed. It connected ok, but then kept timing out on verifying username/password, and then gave an error saying the remote machine didn't respond. Like I said, I can connect from within the lan, but that doesn't test the connection much, since anything I try to access it can get from the LAN connection and doesn't need the VPN connection.

My D-Link router is on the way. I had it ordered before making this thread. I'll try it out and see how it works, but I am seriously considering returning it and buying the Linksys that was suggested. Once again though, wondering how I can really test it since my RR seems to have this stuff blocked. Any way to bypass that, or ask it to use another port?

 

[RebateMonger]

PPTP uses port 1723 and protocol 47. There is NO WAY to change these. If RR does block port 1723, you'll have to get a business Internet connection to VPN in with PPTP.

However, I've never heard of port 1723 being blocked by an ISP. It's open at Cox, which blocks 25 and 80.

If a PPTP VPN is connecting, but timing out on Authentication, the problem isn't Port 1723.

 

[Gooberlx2]

I vote for Hamachi. Tunneled Windows file sharing without the hassle. My friend in Milwaukee could access my file shares here, in Denver, perfectly fine and without needing to screw around with firewall/port settings on either the router or computer. What's more, we were able to use the virtual IP (it installs a virtual network adapter) to run a secure FTP server and grab files from each other that way, and resume any interrupted/broken file transfers ('cause ya know, router plugs never get tripped on and pulled out of walls, or wireless connections from rooms far far away never get dropped, which then certainly don't screw a file copy in windows explorer leaving you to do it from scratch all over again...)

Yeah, give Hamachi a try and see if it suits your needs.

 

[sswingle]

Ok, so the saga continues. I finally got the Server 2003 machine to run a VPN server succesfully. THe XP machine can connect to it. Still cannot connect to it from over the internet though. I forwarded all the ports, and it still hangs on verifying username/password, where when connecting on the lan it acceps the login in just a couple seconds. I'll just continue to assume RR is blocking me for now.

I did try Hamachi. It works great for viewing folders on the PC hamatchi installed on....but is there a way to access shares from other computers on the network? I tried setting up a mapped drive, but then XP wont let me share a mapped drive. Let's assume that I cannot install hamatchi on the actual computer that has the files, or it is a NAS drive. Any way to do that? I am assuming with a real VPN connection, I can connect via the devices IP address, just like if I was connected on the LAN. Right?

 

[classy]

If you have 2003 web server and XP there is no need to use a vpn to be honest. Remote Desktop is secure and easy to use. VPNs are really only needed when you need to connect a seperate outside lan. RDP easily takes care of what you want to do, just setup port forwarding and your all set. You are making it harder than it really is.

Also you could use vnc if you like or even pc anywhere.

Let me clarify this a little more because I was a little vague. VPNs are great for connecting users who work from home or like I said earlier a seperate remote lan. Using vpn will allow a person to gain access to the entire network as if they were connected locally. In your case I don't think the use of a vpn is necessary. More than likely you don't have your authentication set properly and to just connect to your home network it is unnecessary. You can access any other pcs on the network after connecting to your 2003 box from the 2003 box. I would skip the vpn and use a remote control client like RDP, vnc, or something like pc anywhere.

 

[jcmuse]

Originally posted by: ScottSwingleComputers
My D-Link router is on the way. I had it ordered before making this thread. I'll try it out and see how it works, but I am seriously considering returning it and buying the Linksys that was suggested. Once again though, wondering how I can really test it since my RR seems to have this stuff blocked. Any way to bypass that, or ask it to use another port?

I think this is a good idea. The guide that was posted (homenethelp) is fantastic. The linksys BEFVP41 or similar are great w/ ssh sentinel which can be easily obtained (pm me if interested). I wouldn't say it is idiot proof... it does take some knowhow.. but the tutorial is pretty in-depth, and you always have forums if you have problems. The fact that the BEFVP41 is a popular vpn solution makes obtaining support much easier.

anyway, i'd go the linksys route if i were you.

Yes, you can access window shares, printers etc, just as if you were connected locally. What exactly do you plan on doing?

 

[enabledhosting]

HI, I am haveing a similar problem with RR Bus. Class. I have a win 2k server running as a vpn server. I have 10 remote client machines running xp.
1. I had the server (home office) on Bellsouth DSL. Clients on Road Runner. All worked great.
2. moved the home office to RR Biz Class and vpn client connects, but we can not see the network at all.
3. Take a client (unchanged except for ip address) to a different BellSouth DSL Location and all works great.

I have not changed any thing on the server or router, (Linksys WRT54G) except for the public ip address and gateway and subnet mask.

I have run port scanning on the home office and found that port 1723 is being blocked. Now, saying that would it not work at all or what?

Thanks

Robert
EnabledHosting.Com