VPN Setup Help

Posted on 2005-04-27
Last Modified: 2010-04-12

I have a DSL connection with a D-Link 524 wireless router that I use to run a Windows network in my house. I recently discovered the Remote Desktop feauture on Windows XP, and I've really started to like it. I'm thinking it would be great to be able to use it from work (especially since that would mean I would not have to lug my laptop with me all the time), and I've been thinking of setting up a VPN. I generally know what I'm doing with computers or can figure it out, but I'm not sure where to start on this one. Could you please help me out with the following:

1) Is a VPN what I need? I'm pretty certain the answer is yes, but hey...

2) Can I do this with my router (D-Link 524) without buying additional hardware and software? If not, what else do I need?

3) I have a dynamic IP, and I'd really rather not write it down each morning before going to work. How can I deal with this? I was thinking of using this:

4) How do I go about modifying my current setup/settings in order to allow VPN access to my network? The more detailed you can be concerning my setup (i.e. my router, windows xp), the better, but I think I mainly just need someone to explain how this works in general. An eye for security here is appreciated. While all my home computers are password protected and I use MAC filtering, etc. I want it to be as hard as possible for just anyone to connect to my VPN.

5) Once it is set up, can I test it from my own network, or do I need to go to an outside computer?

Thanks in advance for helping to walk me through this. If it ends up taking a lot of input I'll raise the pts to 500 to make it worth everyone's while.
Question by:nicholassolutions
    LVL 10

    Expert Comment

    1)  Yes, if you want it to be secure, this is the best method.

    2)  Your D-link 524 doesn't have the capability to terminate a VPN tunnel.  It only can pass VPN traffic, for example, if you were to use a VPN software client from an inside host to connect to your work...  But it will not allow you to connect to it from the Internet.

    3)  Some SOHO routers will allow you to configure your DDNS account (with whatever service you choose i.e., etc.) right onto the router config.  This way, you configure a DNS FQDN for your router like and each time the IP address of the outside interface changes, the router sends an update to your DDNS server.  You therefore connect via its name instead of an IP address.  If you select a router that doesn't have this feature, you can download a Dynamic DNS client which you can install on an inside host that is always on.  This host will detect if the IP changes and will take care of updating the DDNS server.  This is how I have mine setup and I use DirectUpdate 3.6.3.

    4)  When purchasing a new router, make sure you check for the following:  The router should be able to do PPTP and IPSec 3DES encryption at a minimum.  It should have a free (hopefully) software VPN client that come with it (or be compatible with one you can download).  It would be easier if it supports DDNS service right on the router.  I don't know how home-grade routers do with these requirements as I've only used Cisco gear in the past for VPN access.

    Install the VPN client onto your work PC and connect via the FQDN.  Note- certain companies block these connections at the firewall.  Mine is one of those... so I can't connect to my home network from my company LAN.  Also, certain IT departments will not let you install "non-standard" software or it may be against company policy.  In these cases, you may try the built in Windows (I assume that's what you have) PPTP client instead of IPSec 3DES.  This is a bit less secure but many people use that for home networks provided your router supports it.

    5)  I only have a cell phone (no POTS line) at home so if I need to test this, I connect my laptop to Sprint's network.  Otherwise, I imagine you would have to set a static IP on the outside of the router and same thing on your PC... and it would not test certain things like the DDNS config.  Easiest way is try it from a host on the Internet.
    LVL 15

    Author Comment

    Thanks for the help

    I finally bought a VPN router, the D-Link DI-824VUP. I finally have it set up and exposed to the internet (turns out one of my problems was that my DSL modem actually has a router as well, and it was not in bridge mode, so my router was not even exposed to the internet directly), and I was able to test out port forwarding from the router to an ftp server on a PC on my LAN.

    Now I just need to set up the VPN, but I've been having some trouble. I'd like to be able to connect to my LAN from outside, and be in the MS workgroup just as if I were connecting through my LAN at home. I'm not sure which servers I need to set up (PPTP, L2TP,...???). I followed the instructions here for setting up a PPTP server, but when I tried to connectit didn't work (I was trying to connect through my LAN -- should that work?).

    Anyway, could you just walk me through the basics of setting up a VPN like what I'm describing. It doesn't have to be specific to this router necessarily, I just want to know what I need to do.

    LVL 15

    Author Comment

    BTW, I'll be happy raise the pts to 500 if you can help me get this working
    LVL 10

    Accepted Solution

    So now that your DSL modem is in bridge mode, you can reach the public IP address of your new router's outside interface from the Internet.  Great!

    As far as I know, you won't be able to connect from an inside host.  You have to be on the Internet to test the connection.  You might use a dial-up service, that's what I do for testing.

    As far as configuring the VPN, L2TP with IPSec is more secure but also more difficult to setup with the built-in Microsoft client.  Try PPTP first and see if you can make that work.  Once you do, try with L2TP.  

    Unfortunately, I can't walk you through setting this up as I've never done it with this specific router model.  I only have experience with Cisco devices.
    LVL 15

    Author Comment

    Thanks for the help!

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
    Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now