VPN - Can a Linksys Home Router be used to establish a full time VPN tunnel to a MS PPTP VPN Server?

Hey everyone,

I need to know if a Linksys Home/SOHO VPN Router be used to establish a full time VPN tunnel to a MS PPTP VPN Server?  Say for example,
a user at home wants to connect to his office via VPN.  

The corporate VPN solution is a MS PPTP VPN server.  The home user has a capable Linksys, DLink, Netgear, etc VPN tunnel capable router.

Is that possible and has it been seen before?

Thanks,
inverted
LVL 2
inverted_2000Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
chuckyhConnect With a Mentor Commented:
PPTP is mainly used for session based vpn connections. I don't think you'll be able to establish a constant tunnel with a Ms pptp vpn server.
You'll need a device that does ipsec to establish a constant tunnel between 2 sites.
0
 
inverted_2000Author Commented:
Thanks chuckyh...

Anyone else had some experience trying this?

Thanks (o:
0
 
Michael WorshamInfrastructure / Solutions ArchitectCommented:
The nearest Linksys router that can work as a full time VPN tunnel is either the BEFSX41, BEFVP41 and the RV Series (i.e. RVS4000, RV016, etc).

I recommend the RV016 class units as these are the easiest to setup and have a number of features to make sure the tunnel stays up, even where there is no traffic going on.

0
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

 
BrughConnect With a Mentor Commented:
^ Chuck is correct. You will have to establish IPSec Tunnel between the two devices and yes, depending on which model you own, the linksys will do Point to point VPN tunneling.  You will just want to verify that against the product manual.

You must have a firewall at the main office, in which case, you will need to know if the main office router can handle IPSec tunnels(most can),  and then determine if its compatible with the Linksys you want to use at the home.

However, keep in mind that a HOME network is not normally protected and if that tunnel is always up, you open yourself up to a big security gap.

 - brugh

0
 
inverted_2000Author Commented:
The "Linksys" SOHO VPN routers...which I've installed for SMB offices from time to time...are IPSec based VPN applicances.

Our MS server, being a PPTP, will not, or is not configured for IPSec tunnels...so,

1)  Being that our MS VPN server at work is PPTP, users can NOT establish a full time tunnel with a retail SOHO VPN router such was the WRV54G router from Links, or the other models that mwecomputers pointed out.
2) A full time tunnel via IPSec would be possible if the MS server at the office was configured for that and the SOHO VPN router was configured for the office tunnel?

What cha think about those 2 questions?
thanks a ton folks.
0
 
inverted_2000Author Commented:
yeah mwecomputers:

I just installed a  
WRVS4400N
in a SOHO...the VPN Client software still isn't too good, and it dropped the wireless clients like mad till I upgraded the firmware a few weeks ago for them.

FYI )o:
0
 
Michael WorshamInfrastructure / Solutions ArchitectCommented:
I hope you aren't using the Linksys QuickVPN client software on the remote user platforms. It's crap. The hardware VPN endpoints will be the most likely bet, the issue is just finding one that handles IPSec correctly.

Can you describe the network infrastructure and the server environment the users need access to? That might give us a better picture where to start and how to design a solution for the problem.
0
 
inverted_2000Author Commented:
Big corporate Network uses PPTP on a MS server 2003 to allow remote VPN access for remote, single laptop type, users.

A boss of mine wants a couple of thin clients to access the Big Corporate network without using another MS Server to create the connection, but a much less expensive SOHO router that the thin clients will connect to the terminal server with.

Hope that helps (o:
0
 
mikeleebrlaConnect With a Mentor Commented:
If you want to flash a new OS onto your router you can
http://lifehacker.com/software/router/hack-attack-turn-your-60-router-into-a-600-router-178132.php

A list of supported SOHO routers is here:
http://www.dd-wrt.com/wiki/index.php/Supported_Devices

installation instructions are here:
http://www.dd-wrt.com/wiki/index.php?title=Installation#Is_your_router_supported.3F

Of course this isn't supported by linksys.

0
 
Michael WorshamConnect With a Mentor Infrastructure / Solutions ArchitectCommented:
Since the MS PPTP server most likely requires MS-CHAP to be used (i.e. desktop clients are readily available), I don't really think there is a hardware VPN router solution to this.

Now, if your remote users had say a linux server available, they could setup something like a FreeS/WAN or PPTP Client on it and have it be used for a network sharing connection.

PPTP Client -- http://pptpclient.sourceforge.net
Poptop - The PPTP Server for Linux -- http://www.poptop.org/
FreeS/WAN -- http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
0
 
chuckyhCommented:
So to sum it all up.

If you want to establish full time VPN tunnels between 2 sites, you'll need firewalls/routers that can do ipsec tunnels at both sites, that is by far the easiest way..
Ms server can be configured to do an ipsec tunnel. http://support.microsoft.com/kb/816514
I wouldn't recommend it though.
0
 
inverted_2000Author Commented:
My Boss installed a 2003 Std box to conduct the VPN connection.

I really appreciate eveyone's comments and help.  I learned some very useful new information from this.

THanks again,
inverted
0
 
Ben ZarpentineCommented:
Do those routers mention above support VPN Split tunneling or Full tunneling?
Thanks,
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.