Solved

VPN server at home

Posted on 2004-10-12
8
237 Views
Last Modified: 2013-11-30
I want to set up a VPN server at home so that i can share files with friends... and play vid. games with them. Here is my set up right now

1 Linksys wireless router also a DHCP server
4 client computers (both wireless and wired)
1 server which i plan to use for a VPN server (has Windows 2000 Advanced Server installed) w/2 NIC cards

Here is the set up i am thinking about

(Internet) -> (Cable Modem IP: xx.xx.xx.xx) -> (VPN Srvr) -> (Linksys router 192.168.1.1) -> (..clients..)

Questions:

i)   Can i do this and if so, How?
ii)  Will i need to have my VPN server on ALL the time for my clients to be able to connect to the internet?
0
Comment
Question by:thefallguy
  • 3
8 Comments
 
LVL 2

Accepted Solution

by:
cwisofsky earned 75 total points
ID: 12294844
You can do this, but if you have Windows 2000 server, I would just use it as the router.  It has all the features of the Linksys and more such as DHCP, DNS forwarding, WINS for your internal network, the VPN server (remote access), NAT translation would need to be done there anyways since it is the device that is connected to the Internet.  Yes you will need to have the server on all the time, since you are placing it in the middle.  

The alternative is to leave the Internet on the linksys and then setup port forwarding on the linksys to the Windows VPN ports.  Then the connections would pass through the router to the server and establish a LAN IP for your local network.

Look here for more info:
     http://support.microsoft.com/default.aspx?scid=kb;en-us;255784#kb2
0
 
LVL 3

Expert Comment

by:_anom_
ID: 12294912
In addition, if you plan to use the router, you had best connect the devices like this:   internet-->cable modem-->router-->vpn server (set as DMZ in router config)   because the VPN server needs to be able to assign IP addresses in and communicate with the LAN (which is behind the router).  Also, assuming your friends are connecting through their own internet connections, you would not need to leave it on all the time as they already have a connection, and will only be utilizing the VPN when it is on (or so we should hope ;))

Cheers
0
 
LVL 1

Expert Comment

by:rccbi
ID: 12301679
I think the config I would use would look like:


Internet>Cable modem> NAT router>
And plugged into the switched ports on the router:
> WIndows 2000 Server with VPN enabled in routing and remote access  
and
>Rest of the PCs


In the NAT router forward PPTP traffic (port 1723) to the Windows 2000 server which you can configure to be your VPN server.

I have done this in some offices...works fantastic.

Jason
0
 
LVL 1

Expert Comment

by:rccbi
ID: 12301695
ALSO, I forgot.

I would not make any PC the DMZ server, the security risks are pretty high and not at all necessary for what you are trying to accomplish.
0
 
LVL 1

Expert Comment

by:rccbi
ID: 12301706
Also,

Geez, I could try to get it in all posts.

Routing and Router access can be started and stopped on the W2k server whenever you do not want people to have  VPN access. Or you could stop the PPTP port forwarding on the NAT router too.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 96
Macbook Sierra OS OpenVPN issue 13 79
slow vpn connection 9 63
Palo Alto Networks: Truly No Hit Count? 2 43
Let’s list some of the technologies that enable smooth teleworking. 
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now