Best VPN Solution for My Network

Posted on 2011-10-29
Medium Priority
Last Modified: 2012-05-12
Hello All -

I'm trying to find the best method to set up a VPN for my network.  Below are all the details...

Currently, I have a static IP with a domain name assigned to it.  My unsecured cable modem goes directly into a DLink DIR-855 wireless router which serves as my primary router and firewall.  The only configurations I have in the firewall are about 15 open ports for services like RDP, VNC, Slingbox, FTP, Plex Media, etc...

I also have a machine which acts as my server which stays on 24/7 and runs Windows 7 x64.  In addition, I'm setting up an additional Windows 2008 R2 box now which I plan to configure Hyper-V on which will stay on 24/7 as well. With this, I could set up a VPN with whatever guest for this solution if need be.

I'd like to have a VPN as the native passwords for RDP, FTP, and other services aren't the best in security.  The only catch is that if possible I'd like to have other ports/services like the Slingbox and Plex to not require VPN authentication since I access them from various other devices.

Here's what I've considered so far -
- I've already tried Windows 7 built in VPN host, but couldn't connect to it from any non-Windows devices such as my iPad, iPhone, or Linux boxes.  
- Swapping out the DLink router/firewall with one flashed with DDWRT - isn't there a VPN option on DDWRT?
- I've got an old PIX that I could use - probably 5-6 years old but don't have the model number here right now

Anyways - given the above, what suggestions do you have?  Thanks!
Question by:BzowK

Accepted Solution

Papertrip earned 668 total points
ID: 37051557
You could set up OpenVPN on the DD-WRT router, then set up port forwarding WAN -> LAN for Slingbox and Plex and make sure the ports are open externally, then block external access to all other ports.
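
The layout suggested in this answer, written out as a generic Linux iptables ruleset (an added example, not part of the original thread and not DD-WRT's own generated rules). The WAN interface name `vlan2`, the LAN addresses, and the ports (OpenVPN 1194/udp, Plex 32400/tcp, Slingbox 5001/tcp, the usual defaults) are assumptions to replace with your own values.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the layout above.
# Interface name, LAN addresses and ports are assumptions; edit before use.

WAN_IF="vlan2"     # assumed WAN interface name
VPN_PORT="1194"    # OpenVPN default (UDP)
# Services that stay reachable without the VPN, as proto:port:lan_host
# (Plex and Slingbox default ports; hosts are made-up LAN addresses)
PUBLIC_SERVICES="tcp:32400:192.168.0.10 tcp:5001:192.168.0.20"

# Split one proto:port:host entry into $proto, $port and $host.
parse_service() {
    proto=${1%%:*}; rest=${1#*:}
    port=${rest%%:*}; host=${rest#*:}
}

build_ruleset() {
    # nat table: DNAT only the allow-listed services to their LAN hosts.
    echo "*nat"
    for svc in $PUBLIC_SERVICES; do
        parse_service "$svc"
        printf '%s\n' "-A PREROUTING -i $WAN_IF -p $proto --dport $port -j DNAT --to-destination $host:$port"
    done
    # filter table: default-drop; from the WAN the router accepts only the
    # VPN port, while LAN and VPN tunnel interfaces (anything not WAN) pass.
    cat <<EOF
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT ! -i $WAN_IF -j ACCEPT
-A INPUT -i $WAN_IF -p udp --dport $VPN_PORT -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD ! -i $WAN_IF -j ACCEPT
EOF
    for svc in $PUBLIC_SERVICES; do
        parse_service "$svc"
        printf '%s\n' "-A FORWARD -i $WAN_IF -p $proto -d $host --dport $port -j ACCEPT"
    done
    echo "COMMIT"
}

build_ruleset
```

Review the printed ruleset before loading it with `iptables-restore`; with it in place, RDP, VNC and FTP are reachable only from the LAN or through the VPN tunnel.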


Assisted Solution

NebelGorilla earned 668 total points
ID: 37052532
Your equipment gives you many options. Depending on type of clients and performance you may want to look for different solutions.

You can try OpenVPN-Server on your 24/7 Windows 7 machine and set up your router for forwarding necessary ports to it. Then you can test non-Windows OpenVPN clients with it. They should be available for iPhone/iPad/Linux. Depending on satisfaction you can later switch to a dd-WRT router to use OpenVPN or PPTP on it. Look up the dd-WRT database for supported devices.

Also you could look up the PIX model number and check what software release you can run on it. Additionally check the hardware specs of that PIX and VPN hardware-acceleration feature. iPhone/iPad, depending on their software version, are not supported with every PIX software version. So you may stop investigating the PIX option for your solution.

Assisted Solution

Qlemo earned 664 total points
ID: 37062559
You might have configured the wrong connection on iPhone for using W7 as VPN Server. According to http://support.apple.com/kb/ht1288 both PPTP and L2TP/IPsec are supported. I would prefer the latter, since it is more reliable than PPTP.
Besides OpenVPN, which could run on a Windows machine or the router (as already stated), you can build an IPSec VPN with your PIX as server; iOS should get connected without any app, for Linux and Windows (and Mac, if you like) you could have a look at www.shrew.net for a free IPsec client.

Whatever solution you choose, you will not lose the capability to still have direct access to your other services to be provided.

Author Closing Comment

ID: 37070489
All good solutions - Thanks!
