Solved

Remote access VPN server (virtual machine)

Posted on 2013-11-14
4
724 Views
Last Modified: 2013-11-20
Our server consists of a single VMWare ESXi server with a dozen virtual machines running various services on it. The ESXi host is in a datacenter with one single public IP address that gets some pretty good bandwidth.

The host is not directly internet facing. There's a VM inside which is running the pfSense router distro, and it essentially does NAT and routing for all of the VMs inside the server. All the other VMs are on a small virtual local area network.

I need to set up some dead-easy remote access VPN for our remote workers to access this network.

It needs to be:

    1) Really easy for the end user to install the VPN software and get up and running
    2) Uses Active Directory for user authentication, and groups for access control
    3) Somewhat configurable with regards to what parts of the local network the remote user has access to
    4) Solid and work well in a variety of non-ideal networking environments (e.g. hotel, tethered to a cell phone, etc)

We have a Windows Small Business Server 2011 VM running on this server, so a simple solution was to set up PPTP VPN, but it isn't secure. I have not been successful configuring IPSec and L2DP VPN on the SBS 2011 virtual machine.

Originally I wanted to set up the pfSense router's internal VPN services and use that, but again PPTP is insecure, I wasn't successful setting up L2DP or IPSec, and OpenVPN seems pretty complicated for the end user.

Are there any virtual appliances that provide a really easy remote-access VPN solution + a client that works reliably on Windows?

I was thinking about this:
https://openvpn.net/index.php/access-server/overview.html

But wondering if there's maybe some other products I might be overlooking?

Commercial is okay so long as it's a relatively small one-time licensing cost.
0
Comment
Question by:Frosty555
  • 2
4 Comments
 
LVL 32

Accepted Solution

by:
nappy_d earned 500 total points
ID: 39650919
Take a look at openVPN. I've been using it and it does all you ask for.
0
 
LVL 36

Expert Comment

by:ArneLovius
ID: 39651303
As an alternative to pfSense, you might also look at Sophos UTM which can run as a Virtualised instance, this has an SSL VPN.

You might also use Remote Web Workplace on SBS
0
 
LVL 31

Author Closing Comment

by:Frosty555
ID: 39661258
It pains me to accept this comment as the answer. It feels like a "drive-by" answer and you didn't actually take the time to read my question. I specifically mentioned OpenVPN and my concerns with it's complexity to set up and configure. I even linked to the commercial "OpenVPN Access Server" product as something I was considering, and then I clearly asked what my alternatives were. Your answer completely ignores all of that.

But in the end, I figured out how to use pfSense properly, ran through the OpenVPN configuration wizards again and this time around it worked like a charm. So indeed, OpenVPN was the answer.
0
 
LVL 36

Expert Comment

by:ArneLovius
ID: 39663884
Well you could have split the points as I provided alternatives to OpenVPN.,,
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now