Solved

How to set up a VPN

Posted on 2006-11-09
6
3,554 Views
Last Modified: 2008-06-26
Hi

I am sure that this question has been answered somewhere but there are so many results for a search on VPN that I am going to ask again. Hope this is ok.  I am a complete newbie when it comes to VPN and anything networking pretty much does my head in so please bare with me!

I have two locations. The main office where all the files are held on a fairly powerful Desktop computer running Windows XP Pro and a second location with a computer also running Windows XP pro who will want to access the files on the main office computer.  The office is connected to the internet via a Draytek 2600VG router.  I don't have a fixed IP address.  Broadband in my area is only 2meg I think.

Questions:

1. Is a VPN a possible solution under the above senario?

2. Is a VPN a practical solution for the above?

3. If yes what are the steps on each computer that I need to take to make the VPN work.

I have heard quite a bit about how VPN's are a bit unreliable or complex is this true? What are the draw backs? Are there alternatives?

Thanks.

purpleperson
0
Comment
Question by:purpleski
6 Comments
 
LVL 42

Accepted Solution

by:
zephyr_hex earned 64 total points
ID: 17908344
1.  it depends on what kind of VPN you want.  if you want a VPN that is always up, then you will want a static IP.  you will also need a router at each location that supports VPN.
2.  see #1
3.  the steps aren't on the computers themselves.  it's on the routers.

VPNs are not unreliable, and are not complex.  they offer security.  they also offer the ability to access files and manage systems that are not at your physical location.

an alternative would be some form of Remote Desktop.  for the scenario you've mentioned, i would recommend RealVNC.  the drawback with RealVNC is that it is a 1 - way connection.  the person at computer A can access computer B, but computer B can not access computer A.  also, with RealVNC, the person at computer A actually takes over control of computer B, so if there is a person on computer B, they will not be able to work at the same time.  RealVNC is also not nearly as secure as VPN.
0
 
LVL 9

Assisted Solution

by:smidgie82
smidgie82 earned 62 total points
ID: 17909190
You might consider Hamachi if you want a cheap, easy solution.  It does not support dynamic IP addresses, necessarily, but at the same time it kind of does.  For instance, both locations can change IP addresses, and this will not affect their ability to connect to a Hamachi virtual network and find each other.  However, there is no guarantee that the addresses handed out by the Hamachi service will remain the same from one session to the next...  also, it's peer-to-peer, rather than client-server, so the service itself does not necessarily offer authentication, just privacy.  You'll still need some form of additional authentication mechanism to use it securely.

0
 
LVL 32

Assisted Solution

by:Luc Franken
Luc Franken earned 62 total points
ID: 17909603
Hello Purpleperson,

As you're running Windows XP pro on your office computer, you should have no problems in turning it into a PPTP VPN server.
Please follow all steps listed at http://www.onecomputerguy.com/networking/xp_vpn_server.htm

1. Go to Start / Settings / Network Connections
2. Start the New Connection Wizard
3. Click on the Next button
4. Select Set up advanced connection
5. Click on the Next button.
6. Click on Accept incoming connections
7. Click on the Next button
8. At the LPT1 page, skip it and just click on the Next button.
9. Click on Allow virtual private connection
10. Click on the Next button
11. Add user accounts that you want to be able to connect to your WindowsXP computer.
12. Click on the Next button.
13. Highlight Internet Protocol (TCP/IP) and click on Properties
14. Determine how you want the remote computers to get their IP address
15. The above example will assign IP addresses to each client. Make sure the IP scheme is the same as on your server.
16. If the VPN server is behind a router, Port Mapping will need to be done on the router. Standard port usage is 1723 for PPTP.  You might also need to configure your router for PPTP Passthrough. These ports will have to be forwarded to the VPN server's IP

(All credits go to the site mentioned before)

How to forward port 1723 on a Draytek 2600WE (I'm not sure if the interface is the same as on the 2600VG) can be found at: http://www.portforward.com/english/routers/port_forwarding/Draytek/Vigor2600WE/Point-to-Point_Tunneling_Protocol.htm

After you've done all this, you can setup a VPN client connection on your home computer as explained at http://doc.m0n0.ch/handbook/pptp-windows.html (I won't type out all of the needed steps as it's rather straight through if you've read the above on setting up a VPN server)

In case you don't want to remember the IP-address of the VPN server or it changes too often to be able to rely on it, you can use some Dynamic DNS server like www.dyndns.org to have a fixed domainname linked to the dynamic IP of your office.

One extra thing to make sure of is that the local and remote network are in a different range. So if your home location is also behind a router, make sure the subnet is different (e.g. 192.168.1.x in one location and 192.168.2.x in the other)

Best regards,

LucF
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 62 total points
ID: 17910326
The other option is to use the Draytek as the VPN endpoint. You have a very nice unit, that also offerers internal VPN creation, rather than having to set up the Windows VPN server and enable port forwarding. This has several advantages:
-Better security where it uses IPSec protocol rather than PPTP, as well as no ports have to be opened/forwarded
-Slightly better performance, as you have dedicated device handling encryption.
-Draytek, unlike many other router manufacturers, does not charge a licensing fee based on the number of VPN connections/users
Outline is available at:
http://www.draytek.co.uk/products/about_vpn.html
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now