Solved

VPN / Remote Access setup with dynamic IP addressing

Posted on 2004-04-19
5
2,662 Views
Last Modified: 2010-04-12
I have a client who has an office that uses a Cable internet connection.  The ISP provides dynamic IPs.  While the IP address is ever changing, I could never fathom how a VPN can be setup in such a manner.  However, I believe I have either heard or seen seomewhere that VPN or some kind of remote access capability is possible with this type of configuration.  

On the inside, the Internet connection comes across the cable modem and then over a Netgear router (don't know the model off hand, but it's less than a year old).  The Netgear router then deploys internal IP addresses to all machines inside the office, one of them being the 2000 Server where the files reside.

Basically, I'm looking for an overview of what is needed to be able to setup any kind of remote access capability in this environment.  This is an area that I have never dabbled in, but having been in Technology for a few years now, explanations should come to me pretty well.

Thank you in advance for your assistance.
0
Comment
Question by:djhath
5 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 10868234
Couple of things you can do.
1. Cable addresses are not as dynamic or changing as you think. Mine has changed exactly once in 4 years. They reserve 1 IP for your MAC address and that's it unless they have to change the subnet for some internal reasons.
2. Use dynamic dns registration and use the dns name vs the IP address
3. Possibly, the Netgear has a "DMZ Host" entry where you can put the private IP address of the Win2k server
4. Setup RRAS/PPTP server on the Win2k system (and a good software firewall)
5. Set up Microsoft VPN client on remote clients
6. Enjoy

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10868982
Either you setup a VPN client, which connects to the static public IP you have in your office, or you setup a site-to-site VPN using dynamic crypto maps.
I'm not sure how well the Netgear will respond to dynamic crypto maps, but it is more to do with the type of VPN router you use at the other end, as this is the device that will need to setup the dynamic maps.
So - what device do you have at your end ??


0
 
LVL 3

Author Comment

by:djhath
ID: 10882545
The router is a Netgear RP614v2.

The ultimate objective is to have a setup where multiple employees will be able to login from home.
0
 
LVL 7

Expert Comment

by:sftweng
ID: 10908898
Re: lrmoore's point #2, have a look at dynamic naming service from http://www.tzo.com or http://www.dyndns.org.

You should try to use a static internal IP address for the server rather than using the Netgear's DHCP service for it, and ensure that the router is set up to passthrough PPTP or L2TP.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10913925
Also consider running 2x Cisco routers with 3DES feature sets.  Full IPSEC failover is supported, so that if one router dies, the other will resume connectivity.  These can also be setup with dynamic crypto maps, so that a Netgear or any other VPN router for that matter can use an 'unknown' IP address to create a VPN tunnel, as long as a pre-shared key is known ?
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
RDP through VPN setup 9 58
RDP connection error 5 53
ASA - RV130 VPN tunnel, cannot pass traffic 8 68
AnyConnect VPN - No LAN access 1 33
Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question