Solved

Starting a VPN

Posted on 2004-10-29
292 Views
Last Modified: 2010-04-10
Hi, i work at my uncles office in downtown, his got DSL connection and no fixed ip address. I have installed in my house DSL too a few days ago and i would like to start a VPN network but have no idea how to start or where.
The question:
How do i start a VPN network, any ideas on great tutorials. Both my uncle and me navegate through a broadband router and have windows xp.

Thanks a lot.
Churrasco.
0
Question by:churrasco
    12 Comments
     
    LVL 10

    Expert Comment

    by:NetworkArchitek
    Hi churrasco,
    Well you could do this a few different ways and I am sure people will suggest them all. One you could use Win2k Server's Routing and Remote Access, but this would require you to have knowledge of those things. I think the best thing in your situation, assuming this is pretty much a small office, is to use a little linksys VPN router such as this:

    http://www.linksys.com/Products/product.asp?grid=34&scid=29&prid=411

    Hook that up at your uncle's office, you can use it as your internet router or whatever. It does not have to actually be your router, but it may as well be. It would be nice if your uncle could get a static IP, these are being offered rather cheaply now, but you can use a "dynamic dns" service like at:

    http://www.dyndns.org/

    Once you get these setup you can should be able to access the network at your uncle's office without much difficulty. The linksys box is nearly foolproof. Hope this helps.

    Cheers!
    0
     
    LVL 6

    Expert Comment

    by:davy999
    0
     
    LVL 6

    Expert Comment

    by:davy999
    0
     
    LVL 10

    Expert Comment

    by:plemieux72
    I agree with NetworkArchitek.  To elaborate:

    You have 2 choices:

    1)  For unlimited connectivity between both private networks:
    Get two VPN routers of the same kind (although most are interoperable, it's easier to deal with only one vendor so they can't point fingers if something goes wrong).  Install one at your site and one at his site.  Make sure the IP addresses dont overlap.
    For example, the network at your site is 192.168.8.0 255.255.255.0 and the network at his site is 192.168.16.0 255.255.255.0.
    This way, you can set your router's inside IP address will be 192.168.8.1 and his will be 192.168.16.1.  Addresses in those ranges will be assigned to clients behind each router respectively.
    Then, setup the site-to-site VPN tunnel between the two routers.  By the way, don't assign 192.168.1.0 or 192.168.1.1 if you can.  If you need to add tunnels in the future those address ranges are widely used and may overlap with yours.  There are ways around that but it's complicated...

    2)  If your only need is to connect to his office, you just need one (1) VPN router at his site.  Then, you use a software VPN client on your computer to connect to his network from anywhere.  
    0
     

    Author Comment

    by:churrasco
    So far is good to start, but i was wondering if i could get some more professional vpn, i´m not going to buy to routers of the same brand, not because of the money, but because of the challenge, you can´t get some if you make it that easy.

    Thanks,
    Churrasco.
    0
     
    LVL 10

    Expert Comment

    by:plemieux72
    Churrasco,
    Are you saying you have decided to go with choice 1)  ?
    If so, are you also saying that you prefer to get two routers of different brands so you can get experience in configuring them to interoperate with each other?
    What do you mean by "more professional vpn"?  Please clarify your above statement... I've read it over and over and I am not sure what you mean.
    0
     
    LVL 10

    Expert Comment

    by:NetworkArchitek
    He wants something more robust so that he can somehow learn more about it. The more professional setup would be too purchase two seperate routers. You could go with a Cisco solution if you want something more robust and professional.
    0
     
    LVL 10

    Expert Comment

    by:plemieux72
    Right.  A solution using a Cisco PIX and a Cisco router works fine for me.  When I implemented that, it allowed me to learn IOS as well as PIX OS and the VPN tunnel is very stable and works like a charm.

    With two different brands, you could go between a Cisco and a Checkpoint for example.

    Cisco has sample configs for a lot of different scenarios.  See:
    http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Technologies:IPSec&s=Implementation_and_Configuration#Samples_and_Tips
    (I think you need a CCO login for this)

    0
     

    Author Comment

    by:churrasco
    The cisco link its useless unles you give me a login name and password.
    0
     
    LVL 10

    Expert Comment

    by:plemieux72
    But, have you registered with Cisco for a CCO account?  Click on the "Register" link on top of their home page.  I think this will give you access to some parts of the web site.  I can not tell if it will work for the link above however.  This is one issue with Cisco's site, unless you have a service contract, some of their resources are not available.

    However, give it a try... there's a wealth of information you can get by registering.  Then, if you purchase any equipment from a Cisco reseller, be sure to purchase a SmartNet contract AT THE SAME TIME.  This will allow access to pretty much everything including the downloads section.  The reason I say "at the same time" is that, in my experience, it's difficult to get a SmartNet contract after.  The cheapest contracts you can get are the 8x5xNBD (8 hours x 5 days/week x next business day) service.  If the equipment is not critical, this is what I do.  Also, one very nice advantage is that you can open TAC service requests (SR) on the web site for assistance from a Cisco engineer if you run into trouble with your configs.
    0
     
    LVL 10

    Expert Comment

    by:plemieux72
    I think we should split points between networkarchitek and myself?
    0
     
    LVL 1

    Accepted Solution

    by:
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Course: Foundations of Front-End Development

    Jump-start a lucrative career in front-end web development, with zero previous coding experience required. This course covers the basic programming concepts and languages required for creating engaging websites from scratch.

    Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
    Let’s list some of the technologies that enable smooth teleworking. 
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    913 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now