Virtual Private Networking
My question is about VPN. using win 98.
We have a firewall here at work, and we want someone to be able to acces the network from home using virtual private network. Problem, we've never used it before, and we would like to know the answeres to the following:
1. What software is needed to install it
2. Is it complicated to Use.
3. What's needed to install it
4. How long does it take to get up and running.
Thank you,
Please Help!
Basil
We have a firewall here at work, and we want someone to be able to acces the network from home using virtual private network. Problem, we've never used it before, and we would like to know the answeres to the following:
1. What software is needed to install it
2. Is it complicated to Use.
3. What's needed to install it
4. How long does it take to get up and running.
Thank you,
Please Help!
Basil
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
what do we need to do with RAS ??
Your servers will need to be running some form of remote access service in order to permit access by the Win98 PC.
ASKER
i understand to install ras, but how do i tell the windows 98 client machine which ip address i want to access ? i read an article in msdn.microsoft.com that said how to do it for a machine running windows NT or NT Server, but nothing on Windows 98. ?? this is sooo frusterating. so now that i've installed nt RAs and PPTP on ther server, i should be able to get it by ip address right ? i keep getting an error saying that PPTP is not configured properly. should i try this from outside ? i've called up through the ISP, then clicked on the VPN adapter and i still can't get connected.
thanks so much
thanks so much
Basile, the following URL's should help you a little. As I mentioned above, you really need to have a copy of the Windows 98 Resource Kit. There is a lite version on either the Win98 or Win98SE cd rom, but I really don't know how much info it has. We use the resource kit, but there are just too many pages to post here.
http://support.microsoft.com/support/windows/InProductHelp98/vpn_network.asp?LNG=ENG&SA=PER
http://support.microsoft.com/support/kb/articles/Q217/7/66.ASP?LNG=ENG&SA=PER
http://support.microsoft.com/support/windows/InProductHelp98/vpn_network.asp?LNG=ENG&SA=PER
http://support.microsoft.com/support/kb/articles/Q217/7/66.ASP?LNG=ENG&SA=PER
I think we're missing a vital step here. The firewall. What kind of firewall is it? Are the IP addresses behind NATted? Does it have it's own protocol?
Using RAS and PPTP is fairly straightforward, but you have to get that info lined up first.
AJC
Using RAS and PPTP is fairly straightforward, but you have to get that info lined up first.
AJC
ajcortez, have you even setup a VPN tunnel? The client comes in through a pre-existing internet connection to the server, thus its already ported past the server. NATed is not an issue, there is no other protocol and there's no "info to line up".
ASKER
i accept the answer, because you have given me sooo much help and i appreciate it, the articles were very informative. i may need to ask you another question or two, i hope you are still available to make comments. thank you very much.
Anytime Basil! I'll be here.
Dew
I've set up dozens of VPNs and you've missed a step. If the router is doing the NAT it has to be configured to pass PPTP and forward it to a specified IP address or the traffic dies.
Once again. If you don't have the facts in place, you can't give a complete answer
AJC
I've set up dozens of VPNs and you've missed a step. If the router is doing the NAT it has to be configured to pass PPTP and forward it to a specified IP address or the traffic dies.
Once again. If you don't have the facts in place, you can't give a complete answer
AJC
AJC, I'm not going to argue the point with you, hiwever you would only implement NAT when the firewall doesn't have a proxy in place. Thus, my recommendation that Basil review the resource kit and sit with his network admin.
ASKER
Dew Associates,
If your still around, can you tell me a viable alternative to Using vpn ? can you use PPTP to tunnel two computers ? for instance, can i have my server set up for the user to call into, and if she can gain access to the server, would she be able to see the other computers on the network ?
If your still around, can you tell me a viable alternative to Using vpn ? can you use PPTP to tunnel two computers ? for instance, can i have my server set up for the user to call into, and if she can gain access to the server, would she be able to see the other computers on the network ?
Basil, she can direct dial via RAS, and based upon the permission settings, she can have access to anything she wishes. In essence (short version) set her up to dial in just like you would dial to your ISP.
ASKER
do you mean to have her add a dial up networking entry as the number of our computer ?? remember that she is using windows 98. is there anything special i have to do in NT to have her be able to call us up ? do i have to set it up as a host, or should i just have the modem connected, and she should be able to call right in using RAS ?
Basil,
Remember, much of this depends upon how your network is setup. In our labs, tech can dial direct and be assigned an IP address via dhcp and a script sets up the share. I'm aware that she is using 98, but the basic principles are the same. As for what to set up, you would use RAS/RRAS and I have provided a URL below that should help you.
http://www.microsoft.com/technet/network/default.htm?RLD=188
Remember, much of this depends upon how your network is setup. In our labs, tech can dial direct and be assigned an IP address via dhcp and a script sets up the share. I'm aware that she is using 98, but the basic principles are the same. As for what to set up, you would use RAS/RRAS and I have provided a URL below that should help you.
http://www.microsoft.com/technet/network/default.htm?RLD=188
ASKER
do you mean to have her add a dial up networking entry as the number of our computer ?? remember that she is using windows 98. is there anything special i have to do in NT to have her be able to call us up ? do i have to set it up as a host, or should i just have the modem connected, and she should be able to call right in using RAS ?
Basil, don't be offended here, but do you have any clue how to setup RAS/RRAS on an NT server?
<<do you mean to have her add a dial up networking entry as the number of our computer??>>
Yes, this can be done!
<<remember that she is using windows 98.>>
The principle is the same regardless of whether it is Windows 3.x, 95, 98 or NT.
<<is there anything special i have to do in NT to have her be able to call us up?>>
Yes, implement a RAS/RRAS server.
<<do i have to set it up as a host, or should i just have the modem connected, and she should be able to call right in using RAS?>>
A server is always a host, and of course you have to have a modem connected, how else would she access the server. And yes, she should be able to access the server via RAS as long as you set it up properly.
<<do you mean to have her add a dial up networking entry as the number of our computer??>>
Yes, this can be done!
<<remember that she is using windows 98.>>
The principle is the same regardless of whether it is Windows 3.x, 95, 98 or NT.
<<is there anything special i have to do in NT to have her be able to call us up?>>
Yes, implement a RAS/RRAS server.
<<do i have to set it up as a host, or should i just have the modem connected, and she should be able to call right in using RAS?>>
A server is always a host, and of course you have to have a modem connected, how else would she access the server. And yes, she should be able to access the server via RAS as long as you set it up properly.
ASKER
do you mean to have her add a dial up networking entry as the number of our computer ?? remember that she is using windows 98. is there anything special i have to do in NT to have her be able to call us up ? do i have to set it up as a host, or should i just have the modem connected, and she should be able to call right in using RAS ?
Basil, is there some sort of problem here. You have posted the same thing three times in a row!
Dew,
Now you see why more info is needed for a proper explanation.
You can tunnel to several points in a VPN. You can tunnel to a router with a WAN IP address and different Ethernet IP address and then have the router forward the packet to a firewall then the firewall passes it to the NT server for PPTP RAS. [Rare but useful for the paranoid set]
You can tunnel to the firewall and then have it forward the request to the server.
Or you can tunnel directly to the address of the server.
The only constants in these scenarios are RAS or RRAS and PPTP ports installed on the NT server.
That's what I mean about lining up the information.
That said, perhaps an explanation of the configuration would clear it up.
AJC
Now you see why more info is needed for a proper explanation.
You can tunnel to several points in a VPN. You can tunnel to a router with a WAN IP address and different Ethernet IP address and then have the router forward the packet to a firewall then the firewall passes it to the NT server for PPTP RAS. [Rare but useful for the paranoid set]
You can tunnel to the firewall and then have it forward the request to the server.
Or you can tunnel directly to the address of the server.
The only constants in these scenarios are RAS or RRAS and PPTP ports installed on the NT server.
That's what I mean about lining up the information.
That said, perhaps an explanation of the configuration would clear it up.
AJC
AJ, forgive me for saying this, however if you have read what has been posted here, you will see that Basil apparently has no control over the server operations, as if he had, he would have responded early on.
ASKER