VPN on OS 10.4 Server Setup

Has anyone had any experience with the VPN that is built into OS 10.4 Server?

We have an xServe and would like to given some employees the ability to log into it from their homes. Everyone has broadband internet and a Netgear WGT624 router in their homes and is running (or will be) OS 10.4. The xServe at the office also has broadband internet and a Netgear FVS318 router and will be upgraded to OS 10.4 Server.

Do we have all the right things to make this happen? If someone could explain step by step so ensure we have all the right hardware/software before we promise this kind of network to staff.

Thanks.
harrisonnessAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pike480Commented:
the home users don't need any particular router, just use Internet Connect to set up their side of the VPN. Make sure the routers in place will pass VPN traffic, though.

And make sure there is a static IP address on the server side router.
harrisonnessAuthor Commented:
This is a blurb from Netgear about the WGT624 routers at the employees homes:

The WGT624 protects your network with over 10 security and privacy features including a double firewall (NAT + SPI), multi-VPN (pass-through) support, MAC Address Control, and, it’s upgradable to the next generation of wireless encryption, WPA (pre-shared key).

The bit about VPN means it should work yeah?

An this is what they say about the FVS318:
8 VPN Tunnels for Encrypted Remote Access. Want the utmost in network security for your office? NETGEAR's FVS318 ProSafe VPN Firewall provides business-class protection at a NAT router price. This completely equipped, broadband-capable Virtual Private Network (VPN) firewall is a true firewall and provides it all – Denial of Service (DoS) protection and Intrusion Detection using Stateful Packet Inspection (SPI), URL access and content filtering, logging, reporting, and real-time alerts. It initiates up to 8 IPSec VPN tunnels simultaneously, reducing your operating costs and maximizing the security of your network.

So we just need to get a static IP from our broadband supplier at the office and we should be good to go?
pike480Commented:
If you are configuring VPN on the FVS318, then you don't need to do anything on OS X server. If you are configuring VPN on the OS X server, you probably don't have to do anything on the router. A VPN connecting to a router/firewall from a single machine is a "host to network" connection, while a VPN from OS X Client to OS X Server is a "host to host" connection. Any services on the host to host connection type need to be served by the server, unless you have some advanced routing set up on the server using 2 ethernet cards, etc.

The built in vpn client on OS X client should connect to the netgear supplied vpn. If for some reason you can't make it work, look at equinux's vpn tracker, which has all the settings pre-done for you, but it's a commercial app. You can also try IPsecuritas, available from Versiontracker.com, a free vpn client.

If you don't have a static IP at the server, you can use a service like dyndns.org to give you a name to use in place of a dhcp supplied ip address.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
harrisonnessAuthor Commented:
I think that's got us covered now. Thanks for your help pike480.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apple Networking

From novice to tech pro — start learning today.