Solved

Remote access VPN server (virtual machine)

Posted on 2013-11-14
4
727 Views
Last Modified: 2013-11-20
Our server consists of a single VMWare ESXi server with a dozen virtual machines running various services on it. The ESXi host is in a datacenter with one single public IP address that gets some pretty good bandwidth.

The host is not directly internet facing. There's a VM inside which is running the pfSense router distro, and it essentially does NAT and routing for all of the VMs inside the server. All the other VMs are on a small virtual local area network.

I need to set up some dead-easy remote access VPN for our remote workers to access this network.

It needs to be:

    1) Really easy for the end user to install the VPN software and get up and running
    2) Uses Active Directory for user authentication, and groups for access control
    3) Somewhat configurable with regards to what parts of the local network the remote user has access to
    4) Solid and work well in a variety of non-ideal networking environments (e.g. hotel, tethered to a cell phone, etc)

We have a Windows Small Business Server 2011 VM running on this server, so a simple solution was to set up PPTP VPN, but it isn't secure. I have not been successful configuring IPSec and L2DP VPN on the SBS 2011 virtual machine.

Originally I wanted to set up the pfSense router's internal VPN services and use that, but again PPTP is insecure, I wasn't successful setting up L2DP or IPSec, and OpenVPN seems pretty complicated for the end user.

Are there any virtual appliances that provide a really easy remote-access VPN solution + a client that works reliably on Windows?

I was thinking about this:
https://openvpn.net/index.php/access-server/overview.html

But wondering if there's maybe some other products I might be overlooking?

Commercial is okay so long as it's a relatively small one-time licensing cost.
0
Comment
Question by:Frosty555
  • 2
4 Comments
 
LVL 32

Accepted Solution

by:
nappy_d earned 500 total points
ID: 39650919
Take a look at openVPN. I've been using it and it does all you ask for.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 39651303
As an alternative to pfSense, you might also look at Sophos UTM which can run as a Virtualised instance, this has an SSL VPN.

You might also use Remote Web Workplace on SBS
0
 
LVL 31

Author Closing Comment

by:Frosty555
ID: 39661258
It pains me to accept this comment as the answer. It feels like a "drive-by" answer and you didn't actually take the time to read my question. I specifically mentioned OpenVPN and my concerns with it's complexity to set up and configure. I even linked to the commercial "OpenVPN Access Server" product as something I was considering, and then I clearly asked what my alternatives were. Your answer completely ignores all of that.

But in the end, I figured out how to use pfSense properly, ran through the OpenVPN configuration wizards again and this time around it worked like a charm. So indeed, OpenVPN was the answer.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 39663884
Well you could have split the points as I provided alternatives to OpenVPN.,,
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now