How to set up a VPN

Hi

I am sure that this question has been answered somewhere but there are so many results for a search on VPN that I am going to ask again. Hope this is ok.  I am a complete newbie when it comes to VPN and anything networking pretty much does my head in so please bare with me!

I have two locations. The main office where all the files are held on a fairly powerful Desktop computer running Windows XP Pro and a second location with a computer also running Windows XP pro who will want to access the files on the main office computer.  The office is connected to the internet via a Draytek 2600VG router.  I don't have a fixed IP address.  Broadband in my area is only 2meg I think.

Questions:

1. Is a VPN a possible solution under the above senario?

2. Is a VPN a practical solution for the above?

3. If yes what are the steps on each computer that I need to take to make the VPN work.

I have heard quite a bit about how VPN's are a bit unreliable or complex is this true? What are the draw backs? Are there alternatives?

Thanks.

purpleperson
purpleskiAsked:
Who is Participating?
 
zephyr_hex (Megan)Connect With a Mentor DeveloperCommented:
1.  it depends on what kind of VPN you want.  if you want a VPN that is always up, then you will want a static IP.  you will also need a router at each location that supports VPN.
2.  see #1
3.  the steps aren't on the computers themselves.  it's on the routers.

VPNs are not unreliable, and are not complex.  they offer security.  they also offer the ability to access files and manage systems that are not at your physical location.

an alternative would be some form of Remote Desktop.  for the scenario you've mentioned, i would recommend RealVNC.  the drawback with RealVNC is that it is a 1 - way connection.  the person at computer A can access computer B, but computer B can not access computer A.  also, with RealVNC, the person at computer A actually takes over control of computer B, so if there is a person on computer B, they will not be able to work at the same time.  RealVNC is also not nearly as secure as VPN.
0
 
smidgie82Connect With a Mentor Commented:
You might consider Hamachi if you want a cheap, easy solution.  It does not support dynamic IP addresses, necessarily, but at the same time it kind of does.  For instance, both locations can change IP addresses, and this will not affect their ability to connect to a Hamachi virtual network and find each other.  However, there is no guarantee that the addresses handed out by the Hamachi service will remain the same from one session to the next...  also, it's peer-to-peer, rather than client-server, so the service itself does not necessarily offer authentication, just privacy.  You'll still need some form of additional authentication mechanism to use it securely.

0
 
LucFConnect With a Mentor EMEA Server EngineerCommented:
Hello Purpleperson,

As you're running Windows XP pro on your office computer, you should have no problems in turning it into a PPTP VPN server.
Please follow all steps listed at http://www.onecomputerguy.com/networking/xp_vpn_server.htm

1. Go to Start / Settings / Network Connections
2. Start the New Connection Wizard
3. Click on the Next button
4. Select Set up advanced connection
5. Click on the Next button.
6. Click on Accept incoming connections
7. Click on the Next button
8. At the LPT1 page, skip it and just click on the Next button.
9. Click on Allow virtual private connection
10. Click on the Next button
11. Add user accounts that you want to be able to connect to your WindowsXP computer.
12. Click on the Next button.
13. Highlight Internet Protocol (TCP/IP) and click on Properties
14. Determine how you want the remote computers to get their IP address
15. The above example will assign IP addresses to each client. Make sure the IP scheme is the same as on your server.
16. If the VPN server is behind a router, Port Mapping will need to be done on the router. Standard port usage is 1723 for PPTP.  You might also need to configure your router for PPTP Passthrough. These ports will have to be forwarded to the VPN server's IP

(All credits go to the site mentioned before)

How to forward port 1723 on a Draytek 2600WE (I'm not sure if the interface is the same as on the 2600VG) can be found at: http://www.portforward.com/english/routers/port_forwarding/Draytek/Vigor2600WE/Point-to-Point_Tunneling_Protocol.htm

After you've done all this, you can setup a VPN client connection on your home computer as explained at http://doc.m0n0.ch/handbook/pptp-windows.html (I won't type out all of the needed steps as it's rather straight through if you've read the above on setting up a VPN server)

In case you don't want to remember the IP-address of the VPN server or it changes too often to be able to rely on it, you can use some Dynamic DNS server like www.dyndns.org to have a fixed domainname linked to the dynamic IP of your office.

One extra thing to make sure of is that the local and remote network are in a different range. So if your home location is also behind a router, make sure the subnet is different (e.g. 192.168.1.x in one location and 192.168.2.x in the other)

Best regards,

LucF
0
 
Rob WilliamsConnect With a Mentor Commented:
The other option is to use the Draytek as the VPN endpoint. You have a very nice unit, that also offerers internal VPN creation, rather than having to set up the Windows VPN server and enable port forwarding. This has several advantages:
-Better security where it uses IPSec protocol rather than PPTP, as well as no ports have to be opened/forwarded
-Slightly better performance, as you have dedicated device handling encryption.
-Draytek, unlike many other router manufacturers, does not charge a licensing fee based on the number of VPN connections/users
Outline is available at:
http://www.draytek.co.uk/products/about_vpn.html
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.